← Back to Skills Marketplace
potdealer

Reach

by Potdealer · GitHub ↗ · v0.2.0 · MIT-0
cross-platform ⚠ suspicious
234
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install reach
Description
Agent web interface. Browse websites, fill forms, login to services, sign transactions, send/receive email, solve CAPTCHAs, and interact with the web autonom...
Usage Guidance
This skill includes real code that will run locally (Playwright, ethers, mailbox/webhook code) and offers powerful capabilities: automated logins, CAPTCHA solving via a third-party service, sending/receiving email, signing transactions and making payments, and persisting cookies/state to disk. Before installing, consider the following: - Mismatch: the registry claims no required env vars, but SKILL.md/source expect PRIVATE_KEY, RPC_URL, CAPSOLVER_API_KEY, RESEND_API_KEY, GITHUB_TOKEN. Treat that as a red flag and ask the publisher to reconcile metadata. - Secrets: do NOT provide a real wallet PRIVATE_KEY or high-value credentials. If you want to test, use an ephemeral wallet with minimal funds and throwaway API keys. - Isolation: run the skill in a contained environment (dedicated VM or container) because installing/using it requires npm install and Playwright and will persist files under data/. - Webhooks & external services: the webhook server and remote inbox will accept inbound network requests; verify endpoints (CapSolver, Resend, ExoHost) and consider network restrictions if you don't trust the publisher. - Review code paths that handle signing/payments, authenticate flows, and webhook handlers (primitives/sign.js, primitives/authenticate.js, utils/webhook-server.js, primitives/captcha.js, primitives/email.js). Look for any unexpected external endpoints or hard-coded secrets. - If you require the functionality but want lower risk: run without PRIVATE_KEY and without CAPSOLVER/RESEND keys, which will disable payment and third-party services; or request a version with explicit minimal-surface mode (read-only browsing, no signing/email/webhook). Because the skill requests multiple sensitive integrations but the registry metadata omits them, treat this as suspicious until the author provides corrected metadata and a clear trust/audit story.
Capability Analysis
Type: OpenClaw Skill Name: reach Version: 0.2.0 The bundle is a high-capability automation framework providing primitives for browser control, crypto-wallet signing, and email management. While it appears to be a legitimate tool for the 'Exoskeleton' agent ecosystem, it possesses high-risk features including session cookie harvesting (src/utils/cookie-import.js), automated CAPTCHA solving (src/primitives/captcha.js), and the ability to sign transactions using a provided private key (src/primitives/sign.js). The 'Remote Inbox' and 'Agent Identity' features rely on external infrastructure (mfer.one), which, combined with the broad web-interaction capabilities, creates a significant attack surface for credential theft or unauthorized financial activity if the agent is misdirected.
Capability Assessment
Purpose & Capability
The name/description (web/browser automation, forms, email, signing, payments) aligns with the included code and primitives. However the registry metadata lists no required environment variables or credentials while SKILL.md and source reference sensitive variables (PRIVATE_KEY, RPC_URL, CAPSOLVER_API_KEY, RESEND_API_KEY, GITHUB_TOKEN). That mismatch (declaring no credentials vs. code clearly needing them) is inconsistent and unexpected.
Instruction Scope
SKILL.md and the code instruct the agent to run local servers (MCP, webhook server), persist user data (cookies, inbox, screenshots, state under data/), auto-solve CAPTCHAs via a third-party solver, send and receive email, sign transactions and send payments, and interact with arbitrary websites. These instructions go well beyond simple read-only browsing and can access and transmit sensitive information. The instructions also rely on running node scripts in the package (e.g., node src/mcp.js), and include steps that will store persistent files locally.
Install Mechanism
The registry lists no install spec, yet the package contains a package.json and package-lock.json with heavy native/user-level dependencies (playwright, ethers, node-fetch, dotenv). That means installing/running the skill will require npm install and Playwright browser binaries — substantial code execution on the host — but the registry provided no automated install guidance or declared risks. The dependencies themselves are from standard registries (npm) and appear legitimate, but the absence of an install spec is an incoherence that reduces transparency.
Credentials
SKILL.md and source files expect several highly sensitive environment variables (PRIVATE_KEY for signing/payments, RPC_URL, CAPSOLVER_API_KEY for CAPTCHA solving, RESEND_API_KEY for sending mail, GITHUB_TOKEN for API access). Those variables are proportionate to the features offered, but the registry metadata incorrectly declares none required and does not declare a primary credential. Requiring a private key and multiple tokens without declaring them up-front is a serious mismatch and increases the risk of accidental secret exposure.
Persistence & Privilege
The skill persists cookies, session files, inbox JSON, screenshots, and state under data/. It starts a local webhook server to receive inbound email/webhooks. It does not set always:true and doesn't appear to modify other skills, but persistence and webhook exposure mean data handled by the skill remains on disk and could be used later. Consider the blast radius if the agent is allowed to run autonomously while these files exist.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install reach
  3. After installation, invoke the skill by name or use /reach
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.0
Add domains, email inbox, CAPTCHA solving, error recovery, accurate feature list
Metadata
Slug reach
Version 0.2.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Reach?

Agent web interface. Browse websites, fill forms, login to services, sign transactions, send/receive email, solve CAPTCHAs, and interact with the web autonom... It is an AI Agent Skill for Claude Code / OpenClaw, with 234 downloads so far.

How do I install Reach?

Run "/install reach" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Reach free?

Yes, Reach is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Reach support?

Reach is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Reach?

It is built and maintained by Potdealer (@potdealer); the current version is v0.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments