Beatport Download via Browser Tool

v1.0.0

Download purchased tracks from Beatport using the openclaw headless browser tool (CDP). Handles login, authentication via NextAuth, enabling downloads in hea...

⭐ 0· 48·0 current·0 all-time

by@esanle

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for esanle/beatport-dl-with-browser-tool.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Beatport Download via Browser Tool" (esanle/beatport-dl-with-browser-tool) from ClawHub.
Skill page: https://clawhub.ai/esanle/beatport-dl-with-browser-tool
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install beatport-dl-with-browser-tool

ClawHub CLI

Package manager switcher

npx clawhub@latest install beatport-dl-with-browser-tool

Security Scan

Capability signals

CryptoCan make purchasesRequires OAuth tokenRequires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Suspicious

View report →

OpenClaw

Benign

medium confidence

ℹ

Purpose & Capability

Name/description match the included JS and SKILL.md: both implement CDP-driven login, cookie/token capture, and download handling for Beatport. One oddity: the code requires the 'ws' module from a hard-coded absolute path (/opt/homebrew/...), which is macOS/homebrew-specific and fragile — it is related to the skill's use of openclaw but should not be required as an absolute path.

✓

Instruction Scope

SKILL.md and scripts instruct the agent to drive a local headless Chrome via CDP, perform login in-page, capture download tokens and cookies, enable browser downloads, and write downloaded files to a user-specified directory. All actions are within the stated download purpose; the instructions do not ask the agent to read unrelated system files or to transmit captured credentials/tokens to external endpoints.

✓

Install Mechanism

This is an instruction-only skill with a bundled helper script and no install spec or external downloads. Nothing is fetched from arbitrary URLs or installed automatically. Risk from install mechanism is low.

ℹ

Credentials

The skill requires Beatport credentials to sign in (documented in SKILL.md) but does not declare environment variables for them — this is reasonable for an interactive flow, but you should be aware you'll need to supply username/password. The absolute ws module path is unusual and platform-specific; it implicitly assumes a particular openclaw installation layout and macOS/Homebrew environment.

✓

Persistence & Privilege

The skill is not always-enabled and is user-invocable. It does not request persistent system-wide privileges or attempt to modify other skills. It will write downloads and screenshots to the local filesystem as part of normal operation, which is expected for this purpose.

Assessment

This skill appears to do what it says (drive a local headless browser to login and download your purchased Beatport tracks). Before running it: 1) Review the included scripts yourself — they will control your local browser and write files to disk. 2) Note the hard-coded require('/opt/homebrew/.../ws') path: update it to use your environment's ws/openclaw module or install the module locally to avoid surprises. 3) Only provide Beatport credentials on a machine you trust; the script will capture cookies/JWTs (necessary for downloads) and those should be treated as sensitive — consider using a temporary account or rotating your password afterwards. 4) Ensure the openclaw/CDP endpoint (127.0.0.1:9222) is local and not exposed to untrusted networks. 5) If unsure, run the script in an isolated VM or container first to confirm behavior. If you want higher assurance, ask the author to remove absolute paths and document how credentials are supplied and handled.

Like a lobster shell, security has layers — review code before you run it.

latestvk9764yfddfe8n1g21vd5gdb9vs85jvq0

48downloads

0stars

1versions

Updated 1d ago

v1.0.0

MIT-0

Beatport Download via Browser Tool

Download purchased Beatport tracks through the openclaw headless browser using CDP (Chrome DevTools Protocol).

Prerequisites

openclaw browser running on 127.0.0.1:9222
Beatport credentials (username + password)
ws module at /opt/homebrew/lib/node_modules/openclaw/node_modules/ws
Node.js runtime

Authentication Flow

Beatport uses a dual-auth system:

account.beatport.com — Django session (sessionid cookie)
www.beatport.com — NextAuth (__Secure-next-auth.session-token cookie)

Login Steps

Navigate to https://account.beatport.com/ via CDP Page.navigate
Fill username/password via Runtime.evaluate (use native input setters to bypass React controlled inputs)
Submit the login form
On the www.beatport.com tab, sign in via NextAuth:

// In browser context on www.beatport.com
fetch("/api/auth/csrf").then(r => r.json()).then(csrf => {
  const fd = new URLSearchParams();
  fd.append("csrfToken", csrf.csrfToken);
  fd.append("username", "USER");
  fd.append("password", "PASS");
  fd.append("callbackUrl", "https://www.beatport.com/");
  // Create hidden form and submit (fetch redirect fails cross-origin)
  const form = document.createElement("form");
  form.method = "POST";
  form.action = "/api/auth/signin/beatport";
  form.style.display = "none";
  for (const [k, v] of Object.entries(Object.fromEntries(fd))) {
    const inp = document.createElement("input");
    inp.type = "hidden"; inp.name = k; inp.value = v;
    form.appendChild(inp);
  }
  document.body.appendChild(form);
  form.submit();
});

Verify login: Account menu button should appear in navbar (no Create Account or Log In button)

Key URLs

Page	URL	Purpose
Cart	`https://www.beatport.com/cart`	Items pending purchase
Library	`https://www.beatport.com/library`	Purchased tracks (may show Upgrade for free accounts)
Downloads	`https://www.beatport.com/library/downloads`	Download queue
Checkout	`https://www.beatport.com/checkout`	Payment page

Note: /my-beatport/downloads and /my-beatport/collection return 404. The correct paths are /library and /library/downloads.

Enabling Downloads in Headless Chrome

Headless Chrome cancels downloads by default. Enable via CDP on the browser-level WebSocket:

// Browser-level WS: ws://127.0.0.1:9222/devtools/browser/<id>
ws.send(JSON.stringify({
  id: 1,
  method: "Browser.setDownloadBehavior",
  params: {
    behavior: "allowAndName",
    downloadPath: "/path/to/download/dir/",
    eventsEnabled: true
  }
}));

Get browser ID from http://127.0.0.1:9222/json/version → webSocketDebuggerUrl.

Downloading Tracks

Step 1: Add tracks to download queue

On /library, each track has a re-download icon (svg[data-testid='icon-re-download']). Click each one to add to the download queue:

var icons = document.querySelectorAll("svg[data-testid='icon-re-download']");
icons.forEach(function(icon, i) {
  setTimeout(function() { icon.closest("button, div").click(); }, i * 500);
});

Step 2: Download from queue page

Navigate to /library/downloads. All queued tracks appear with a "Download All" button.

Step 3: Click Download All

Enable browser downloads first (see above), then click:

var btn = [...document.querySelectorAll("button")].find(b => b.innerText.includes("Download All"));
if (btn) btn.click();

The download arrives as a zip file (e.g. beatport_tracks_2026-04.zip).

Step 4: Unzip and clean up

cd /path/to/download/dir
unzip -o beatport_tracks_*.zip -d tmp/
mv tmp/*.mp3 .
rm -rf tmp/ beatport_tracks_*.zip

Download URL Format

https://zips.beatport.com/v1/download?token=<JWT_TOKEN>

The token is single-use and expires quickly. Always capture fresh from events.

Download URL Format

https://zips.beatport.com/v1/download?token=<JWT_TOKEN>

The token is single-use and expires quickly. Always capture it fresh from the Page.downloadWillBegin event.

API Access

Access Token

curl -s -H "Cookie: <cookies>" \
  "https://www.beatport.com/_next/data/<buildId>/en/library/downloads.json" \
  | jq -r '.pageProps.accessToken'

Library Data

curl -s -H "Cookie: <cookies>" \
  "https://www.beatport.com/_next/data/<buildId>/en/library.json" \
  | jq '.pageProps.dehydratedState.queries[].state.data.results[] | {name, id, artists}'

Build ID

curl -s "https://www.beatport.com/" | grep -o '"buildId":"[^"]*"' | head -1

Current buildId (subject to change): PWoDyRo_P5V8lNYu_92bX

Common Pitfalls

Cross-domain navigation fails with Page.navigate — Use location.href = "..." via Runtime.evaluate instead

React controlled inputs don't respond to .value = — Use native input value setter:

var input = document.querySelector("input[name=username]");
var nativeSetter = Object.getOwnPropertyDescriptor(HTMLInputElement.prototype, "value").set;
nativeSetter.call(input, "username");
input.dispatchEvent(new Event("input", { bubbles: true }));

Node.js string escaping in -e — Use String.raw\...`template literals, or write code to a file and run withnode file.js`
Free account download limit — 20 downloads per track. "Unlimited re-downloads" requires Beatport Streaming subscription
CDP exec timeout — openclaw kills long-running node processes (~10s). Keep CDP operations short; use background: true + process poll for longer waits
curl path — Use /usr/bin/curl, not /opt/homebrew/bin/curl (may not exist)

CDP Helper Pattern

Write scripts to files to avoid shell escaping issues:

// scripts/beatport-cdp.js
const WS = require("/opt/homebrew/lib/node_modules/openclaw/node_modules/ws");
const http = require("http");

function getPage(filter) {
  return new Promise((resolve) => {
    http.get("http://127.0.0.1:9222/json", (res) => {
      let body = "";
      res.on("data", (c) => body += c);
      res.on("end", () => {
        const pages = JSON.parse(body).filter(p => p.type === "page");
        resolve(filter ? pages.find(filter) || pages[0] : pages[0]);
      });
    });
  });
}

function cdpEval(ws, expression) {
  return new Promise((resolve) => {
    ws.send(JSON.stringify({ id: Date.now(), method: "Runtime.evaluate", params: { expression, returnByValue: true } }));
    ws.on("message", (m) => {
      const d = JSON.parse(m.toString());
      if (d.id && d.result) { resolve(d.result); }
    });
  });
}

async function screenshot(ws, path) {
  return new Promise((resolve) => {
    ws.send(JSON.stringify({ id: Date.now(), method: "Page.captureScreenshot", params: { format: "png" } }));
    ws.on("message", (m) => {
      const d = JSON.parse(m.toString());
      if (d.id && d.result && d.result.data) {
        require("fs").writeFileSync(path, Buffer.from(d.result.data, "base64"));
        resolve();
      }
    });
  });
}

module.exports = { getPage, cdpEval, screenshot };

Format Compatibility

CDJ-2000: MP3 or WAV
Beatport download options: MP3, WAV, AIFF, FLAC
Default is MP3; select WAV/AIFF on cart page or account settings if needed for CDJ compatibility

Comments

Loading comments...