← Back to Skills Marketplace

Billy — Mission Control Visual QA

Name: Billy — Mission Control Visual QA
Author: highlander89

by Highlander89 · GitHub ↗ · v0.1.3

cross-platform ⚠ suspicious

478

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install billy-mission-control-visual-qa

Description

Run Mission Control visual QA on SAPCONET over SSH using Puppeteer screenshots and basic DOM checks.

README (SKILL.md)

mission-control-visual-qa

Author: Billy (SAPCONET)

Purpose

Run visual QA (screenshots + basic DOM checks) for Mission Control pages on SAPCONET via SSH (Neill machine 100.110.24.44).

What this skill includes

scripts/mission-control-visual-qa.js: Puppeteer-based remote runner (intended to run on SAPCONET).
scripts/run-mission-control-visual-qa.sh: Local helper that copies and runs the Node script over scp + ssh.

Safety rules

Only target Mission Control pages you are authorized to inspect.
Default output path is ~/.openclaw/workspace/output/visual-qa/ on SAPCONET.
No external network activity is performed by scripts other than SSH/SCP to SAPCONET and page loads for supplied URLs.
Script is read-only and does not submit forms or click destructive controls.

Usage

From local machine:

bash scripts/run-mission-control-visual-qa.sh \
  "https://mission-control.example.local/dashboard" \
  "https://mission-control.example.local/status"

Optional env vars:

SSH_TARGET (default: [email protected])
REMOTE_RUN_DIR (default: ~/.openclaw/workspace/mission-control-visual-qa-runner)
OUTPUT_DIR (default: ~/.openclaw/workspace/output/visual-qa/)

Expected output

On SAPCONET host, each URL produces:

*.png screenshot
basic DOM result (title + presence of main, h1, and body text)
final JSON summary printed to stdout

Usage Guidance

This appears coherent for running remote visual QA, but check a few operational points before installing: 1) Confirm and trust the SSH_TARGET (100.110.24.44) and that you are authorized to run checks there. 2) Ensure puppeteer and a compatible Chromium/Chrome are installed on the remote host (the script will exit if puppeteer is missing). 3) Be aware screenshots are stored on the remote OUTPUT_DIR and are not automatically copied back; if you need the images locally, retrieve them explicitly. 4) The helper script expands ~ and other paths locally when building remote mkdir commands; to avoid creating unexpected absolute paths on the remote host, explicitly set REMOTE_RUN_DIR and OUTPUT_DIR to absolute paths appropriate for the remote user. 5) Because the tool loads pages you supply, avoid pointing it at any pages you are not permitted to inspect—page titles and metadata will be printed and could reveal sensitive information. If you want tighter safety, review/update the helper script to preserve remote-side tilde expansion (quote remote commands) and confirm argument escaping in your environment.

Capability Analysis

Type: OpenClaw Skill Name: billy-mission-control-visual-qa Version: 0.1.3 The skill is classified as suspicious due to several risky capabilities, even though they align with its stated purpose. The `scripts/mission-control-visual-qa.js` script uses Puppeteer with the `--no-sandbox` and `--disable-setuid-sandbox` arguments, which significantly reduces the security posture of the remote browser execution. Furthermore, critical parameters like `SSH_TARGET`, `REMOTE_RUN_DIR`, `OUTPUT_DIR` in `scripts/run-mission-control-visual-qa.sh`, and `CHROMIUM_PATH` in `scripts/mission-control-visual-qa.js` are configurable via environment variables. While this offers flexibility, it also presents a significant vulnerability if an attacker can manipulate these environment variables, potentially leading to arbitrary code execution (via `CHROMIUM_PATH`), redirection of SSH connections, or writing files to arbitrary locations on the remote host. There is no evidence of intentional malicious behavior, data exfiltration, or prompt injection against the agent.

Capability Assessment

✓ Purpose & Capability

The name/description (visual QA on Mission Control via SSH) matches the provided artifacts: a Puppeteer Node script (scripts/mission-control-visual-qa.js) and an SSH/SCP helper (scripts/run-mission-control-visual-qa.sh). No unrelated binaries, credentials, or config paths are requested. The default SSH target ([email protected]) is hard-coded as a sensible default for this use case and aligns with the description.

ℹ Instruction Scope

The SKILL.md and scripts limit actions to copying the Node script to the remote host, launching Chromium via Puppeteer to load supplied URLs, performing simple DOM checks (title, presence of main & h1, body text length), taking screenshots, and printing a JSON summary. The script does not submit forms or click controls. Note: the Node script collects page title (string) and the numeric bodyTextLength but does NOT transmit full page body text; screenshots remain on the remote OUTPUT_DIR and are not automatically copied back. Also, the helper script expands paths (including ~) locally when building the remote mkdir command, which can cause unexpected absolute paths on the remote host—this is an operational bug rather than malicious behavior.

ℹ Install Mechanism

No install spec is provided (instruction-only + code files), so nothing is automatically downloaded or written by the platform. The Node script requires the 'puppeteer' package and a Chromium binary on the remote host; the script will error and exit if puppeteer is not installed. This is expected but requires manual setup on the SAPCONET host.

✓ Credentials

No required environment variables or credentials are declared. Optional env vars (SSH_TARGET, REMOTE_RUN_DIR, OUTPUT_DIR, CHROMIUM_PATH) are directly relevant to remote execution and are proportionate to the task. There are no requests for unrelated secrets or system credentials.

✓ Persistence & Privilege

always is false and the skill does not attempt to modify other skills or agent-wide configuration. It only copies its own script to the remote host and writes output under the specified OUTPUT_DIR on that host. No elevated persistence or hidden backdoors are present.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install billy-mission-control-visual-qa
After installation, invoke the skill by name or use /billy-mission-control-visual-qa
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.1.3

Stability: puppeteer runner + screenshot JSON summary

v0.1.2

Initial public release.

v0.1.0

Initial release

Metadata

Slug billy-mission-control-visual-qa

Version 0.1.3

License —

All-time Installs 0

Active Installs 0

Total Versions 3

Frequently Asked Questions

What is Billy — Mission Control Visual QA?

Run Mission Control visual QA on SAPCONET over SSH using Puppeteer screenshots and basic DOM checks. It is an AI Agent Skill for Claude Code / OpenClaw, with 478 downloads so far.

How do I install Billy — Mission Control Visual QA?

Run "/install billy-mission-control-visual-qa" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Billy — Mission Control Visual QA free?

Yes, Billy — Mission Control Visual QA is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Billy — Mission Control Visual QA support?

Billy — Mission Control Visual QA is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Billy — Mission Control Visual QA?

It is built and maintained by Highlander89 (@highlander89); the current version is v0.1.3.

More Skills