ClawHub

Playwright (scripts) + npx

v1.0.0

Run Node.js scripts using Playwright for full browser automation, including scraping, screenshots, form handling, and dynamic content interaction.

0· 1.7k·18 current·18 all-time
by@mahone-bot
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (Playwright via node/npx) align with requirements and files. Required binaries (node, npx) and the examples/templates/scripts all directly support browser automation, scraping, screenshots and form automation; nothing requested is unrelated to that purpose.
Instruction Scope
SKILL.md and example scripts instruct the agent/user to run npm install, npx playwright install, and node .mjs scripts that navigate arbitrary websites, take screenshots, and read/write local files (e.g., tmp/session.json, tmp/*.png). This is expected for Playwright but means the skill executes code with filesystem and network access; session persistence may store cookies/auth tokens and examples show file upload APIs (setInputFiles). Users should be aware these are sensitive capabilities.
Install Mechanism
No automated install spec in the skill bundle (instruction-only). The docs recommend standard npm + npx commands (npm install playwright, npx playwright install) which pull packages/binaries from npm/Playwright distribution — expected for this tooling and not an untrusted arbitrary-download pattern.
Credentials
The skill declares no environment variables or credentials (proportionate). However, example code persists storageState/session files and demonstrates proxy configuration examples that could include credentials; these are examples rather than required env vars, but they highlight that scripts can store or transmit sensitive data if misused.
Persistence & Privilege
Skill does not request always:true and does not modify other skills or global agent config. It is user-invocable and can run code when invoked, which is appropriate for its purpose.
Assessment
This skill appears to do what it says (run Playwright scripts) but it executes arbitrary Node code that can hit any website and read/write local files. Before using: (1) review the included example scripts and any script you run; (2) avoid running untrusted scripts or code from unknown authors; (3) be cautious about session files (tmp/session.json) — they can contain cookies/tokens; (4) run installs (npm install / npx playwright install) in an isolated project or container, pin the playwright version, and run npm audit; (5) if you need to limit risk, run scripts in a sandboxed environment (VM/container) or restrict network/file access. If you want, inspect the GitHub repo referenced in _meta.json before installing or using.

Like a lobster shell, security has layers — review code before you run it.

automationvk975v0cf1edwzq1z7kh9wastch815k0sbrowservk975v0cf1edwzq1z7kh9wastch815k0slatestvk975v0cf1edwzq1z7kh9wastch815k0snodejsvk975v0cf1edwzq1z7kh9wastch815k0splaywrightvk975v0cf1edwzq1z7kh9wastch815k0sscrapingvk975v0cf1edwzq1z7kh9wastch815k0s

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎭 Clawdis
Binsnode, npx

Comments