← Back to Skills Marketplace
ashish797

Gbrow

by ashish797 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
103
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install gbrow
Description
Full-featured headless browser for OpenClaw agents. Navigate, snapshot with accessibility tree (@ref clicks), tabs, JS execution, cookie import. No vision mo...
README (SKILL.md)

Gbrow — The Browser Your AI Agent Actually Needs

A full-featured headless browser powered by Playwright and Bun. Uses the accessibility tree for page reading — not expensive vision models.

Why Gbrow?

Traditional (screenshots + vision) Gbrow (accessibility tree)
Screenshot → upload to GPT-4o → wait → read ariaSnapshot() → instant structured text
~$0.01 per page read Free
3-10 seconds per page \x3C 100ms
Fails on API key issues Always works
Click by fragile CSS selector Click by @ref (@e1, @e2, etc.)

Quick Setup

# Clone and install
git clone https://github.com/ashish797/Gbrow.git ~/.openclaw/workspace/skills/Gbrow
cd ~/.openclaw/workspace/skills/Gbrow
bash setup.sh

Or one-liner:

curl -fsSL https://raw.githubusercontent.com/ashish797/Gbrow/main/setup.sh | bash

How It Works

1. Start the server

cd ~/.openclaw/workspace/skills/Gbrow
bun run src/server.ts

2. Read the page (accessibility tree)

The snapshot gives you a structured view with clickable refs:

@e1 [heading] "Welcome" [level=1]
@e2 [link] "Get Started"
@e3 [button] "Sign in"
@e4 [textbox] "Search"

3. Click by ref

click @e2     → clicks "Get Started"
fill @e4 "query"  → types into search box

Commands

Navigation

Command Description Example
goto \x3Curl> Navigate to URL goto https://example.com
back History back back
forward History forward forward
reload Reload page reload
url Print current URL url

Reading

Command Description Example
snapshot Accessibility tree with @refs snapshot -i (interactive only)
text Cleaned page text text
html [selector] Raw HTML html .article
links All links as "text → href" links
forms Form fields as JSON forms

Interaction

Command Description Example
click \x3Cref> Click element click @e3
fill \x3Cref> \x3Ctext> Fill input fill @e4 "hello"
select \x3Cref> \x3Cvalue> Select dropdown select @e5 "option1"
type \x3Cref> \x3Ctext> Type with keyboard type @e4 "search term"
press \x3Ckey> Press key press Enter
scroll \x3Cdirection> Scroll page scroll down

Inspection

Command Description Example
js \x3Cexpr> Run JavaScript js document.title
css \x3Csel> \x3Cprop> Computed CSS css .box color
attrs \x3Cref> Element attributes attrs @e1
is \x3Cprop> \x3Cref> State check is visible @e3

Tabs

Command Description
tabs List open tabs
tab N Switch to tab N
newtab Open new tab
closetab Close current tab

Visual

Command Description
screenshot Take screenshot
responsive \x3Cw> \x3Ch> Set viewport size
pdf Save page as PDF

Snapshot Flags

Flag Description
-i Interactive elements only (buttons, links, inputs)
-c Compact (remove empty structural nodes)
-d N Limit tree depth
-s \x3Csel> Scope to CSS selector
-D Diff against previous snapshot
-a Annotated screenshot with ref overlays

HTTP API

All commands go through the HTTP API:

# Get port and token from state file
PORT=$(python3 -c "import json; print(json.load(open('.gstack/browse.json'))['port'])")
TOKEN=$(python3 -c "import json; print(json.load(open('.gstack/browse.json'))['token'])")

# Send command
curl -s -X POST "http://127.0.0.1:${PORT}/command" \
  -H "Authorization: Bearer ${TOKEN}" \
  -H "Content-Type: application/json" \
  -d '{"command":"goto","args":["https://example.com"]}'

Architecture

┌─────────────┐     HTTP      ┌──────────────────┐
│  OpenClaw   │ ──────────▶  │  Gbrow Server    │
│  Agent      │              │  (Bun + Playwright)│
└─────────────┘              └────────┬─────────┘
                                      │
                                      ▼
                              ┌──────────────────┐
                              │  Chromium         │
                              │  (headless)       │
                              └──────────────────┘
                                      │
                                      ▼
                              ┌──────────────────┐
                              │ Accessibility     │
                              │ Tree (ariaSnapshot)│
                              └──────────────────┘

No vision models. No API calls. Just structured text from the browser's accessibility layer.

Credits

Built on top of gstack by Gary Tan (Y Combinator). Adapted for OpenClaw with permission under MIT license.

License

MIT

Usage Guidance
What to consider before installing: - Review the install script instead of piping it: the SKILL.md recommends 'curl | bash' for setup. Copy the setup.sh URL and inspect its contents before running, or clone the repository and run scripts manually. - Run in an isolated environment: because the skill installs Bun/Chromium and runs a persistent server that stores tokens and browser profiles under ~/.gstack, prefer a throwaway VM or container so it cannot access your real browser profile or other files. - Inspect cookie-import and extension-write behavior: the code includes cookie-import logic and will attempt to locate extension directories and may write .auth.json there. If you do not want the skill reading local browser cookies or modifying extension directories, do not install it or audit/disable those code paths first. - Check exposed endpoints and logs: the server keeps large console/network buffers and exposes HTTP endpoints for commands and activity streaming. Confirm authentication and that logs do not leak sensitive data before allowing other agents/processes access. - Principle of least privilege: avoid running the install as root and avoid giving the server access to sensitive filepaths. If you must run it locally, consider running it under a restricted user and firewalling the server port to localhost only. - If unsure, ask the maintainer for a reproducible package or an audited release: prefer installing from a pinned, reviewed release (GitHub release archive) instead of a raw branch tip, and request clear docs on cookie import and extension writes. Why 'suspicious' not 'malicious': the code is consistent with a Playwright-based browser skill and many behaviors are explainable, but there are multiple mismatches and higher-privilege file operations (cookie import, writing .auth.json to discovered extension directories, piping remote install scripts) that are significant enough to recommend caution and manual review before trusting the skill.
Capability Analysis
Type: OpenClaw Skill Name: gbrow Version: 1.0.0 The Gbrow skill bundle provides a headless browser with high-risk capabilities, most notably a module (src/cookie-import-browser.ts) that contains logic to locate and decrypt local browser cookies (Chrome, Edge, Brave, etc.) on macOS and Linux using system keychain utilities. While framed as a 'Cookie Picker' feature for session persistence, this functionality is a common characteristic of info-stealer malware. Additionally, the bundle includes tools for arbitrary JavaScript execution (src/read-commands.ts) and a background agent (src/sidebar-agent.ts) that spawns the 'claude' CLI with Bash and filesystem access. Although the code implements some security controls like URL validation (src/url-validation.ts) and log redaction (src/activity.ts), the combination of credential decryption and shell execution represents a significant security risk.
Capability Assessment
Purpose & Capability
The name/description (headless browser using Playwright) matches the code. However the registry entry declares no required env vars or config paths while the implementation reads/writes state under .gstack, uses environment variables (BROWSE_STATE_FILE, BROWSE_EXTENSIONS_DIR, CI/CONTAINER, etc.), and includes a cookie-import component and extension-write behavior that are higher privilege than the registry metadata indicates.
Instruction Scope
SKILL.md instructs cloning the GitHub repo and piping setup.sh via curl | bash and to run a persistent local server. The instructions reference reading the local state file (.gstack/browse.json) to obtain a token and port. The docs omit some high-impact behaviors present in code: writing .auth.json into found extension directories, cookie import logic, and large network/console buffers and activity streaming endpoints that may contain sensitive data. Pre-scan found a 'system-prompt-override' pattern in SKILL.md (prompt-injection signal).
Install Mechanism
There is no registry install spec, but SKILL.md/setup.sh instructs executing remote scripts: curl https://raw.githubusercontent.com/…/setup.sh | bash and curl https://bun.sh/install | bash, plus npx playwright install chromium. These downloads are from well-known hosts (GitHub, bun.sh, playwright via npx) but piping remote shells to bash and downloading browser binaries are moderate-to-high risk operations and worth manual review before execution.
Credentials
The skill declares no required credentials or config paths but the code uses multiple env vars (BROWSE_EXTENSIONS_DIR, BROWSE_STATE_FILE, BROWSE_SERVER_SCRIPT, HOME, CI/CONTAINER) and writes state/tokens into ~/.gstack. It also contains cookie-import functionality (likely reads browser cookie DBs) and will write .auth.json into extension directories it finds, which can expose tokens to other components. The undeclared access to user browser cookies and potential writes into other skills' extension directories are disproportionate and sensitive.
Persistence & Privilege
The server launches a persistent local daemon, creates ~/.gstack state and a persistent Chromium profile, and can run detached in background. Importantly, in headed mode it will locate an extension path and may write a .auth.json file there (modifying a discovered extension directory). That behavior modifies other on-disk components and can expose tokens — this matches the rule 'modify OTHER skills' configurations' and is a notable risk. The skill does not set always:true, but it does request persistent local presence through files and background processes.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install gbrow
  3. After installation, invoke the skill by name or use /gbrow
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Full-featured headless browser for OpenClaw agents. Accessibility tree snapshot, @ref clicks, tabs, JS execution. No vision model needed.
Metadata
Slug gbrow
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Gbrow?

Full-featured headless browser for OpenClaw agents. Navigate, snapshot with accessibility tree (@ref clicks), tabs, JS execution, cookie import. No vision mo... It is an AI Agent Skill for Claude Code / OpenClaw, with 103 downloads so far.

How do I install Gbrow?

Run "/install gbrow" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Gbrow free?

Yes, Gbrow is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Gbrow support?

Gbrow is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Gbrow?

It is built and maintained by ashish797 (@ashish797); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments