← Back to Skills Marketplace
435
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install omni-research
Description
Multi-source deep research using your own browser. Queries Perplexity, Grok, and Gemini in parallel via CDP — zero API keys, uses your existing subscriptions.
Usage Guidance
Before installing or running this skill: 1) Review the code (research.py and browser.py) yourself — the scripts will control your browser via the Chrome DevTools Protocol and can read any page content. 2) Inspect ~/.config/omni-research/config.json after running setup; remove or set cliproxy_url only to a localhost service you control and replace any non-empty cliproxy_key with an empty string unless you intentionally run a local proxy. 3) Note the inconsistency: research.py sets a default cliproxy_key ('magi-proxy-key-2026') while setup.py uses an empty key — verify which value is in your config before use. 4) Run with a disposable browser profile or a browser instance started specifically for this tool (and ensure --remote-debugging-port is bound to localhost only); do NOT enable remote debugging on machines reachable by others. 5) If you do not want any external network calls, avoid using API-only mode (gemini-api) and ensure cliproxy_url is local. 6) If you are not comfortable granting full CDP control to third-party code, do not run it. If you decide to proceed, prefer running the code only after manual review and with conservative local configuration.
Capability Analysis
Type: OpenClaw Skill
Name: omni-research
Version: 1.0.0
The skill utilizes Chrome DevTools Protocol (CDP) to interact with the user's browser, which is a powerful capability that allows extensive control over browser tabs, including JavaScript execution (`eval_js` in `browser.py`). While the `eval_js` calls in this skill use hardcoded JavaScript and user queries are inserted via `Input.insertText` (safer), the inherent power of CDP and `eval_js` presents a significant vulnerability if not handled with extreme care or if the skill were to be modified. Additionally, the `research.py` script feeds extracted text from potentially untrusted websites into a synthesis LLM, creating a risk of indirect prompt injection or 'data poisoning' against the LLM, even though the synthesis prompt itself is designed for summarization. The `cliproxy_url` defaults to localhost, preventing direct external exfiltration by default, but the overall risk profile warrants a 'suspicious' classification due to these powerful and potentially exploitable capabilities.
Capability Assessment
Purpose & Capability
The skill claims to perform multi-source research via the user's browser and the code shows exactly that (CDP control, opening tabs, evaluating JS). Requiring python3 and websockets/httpx is proportional. However the README's 'zero API keys' claim doesn't match the code paths that use a 'cliproxy' API and a 'cliproxy_key' in the default config (research.py sets a non-empty default key), which is an unexplained inconsistency.
Instruction Scope
Runtime instructions and code connect to the user's browser via CDP and execute arbitrary Runtime.evaluate commands in pages (reads DOM, opens/close tabs, types input). That capability is necessary for the stated purpose but is high-privilege because it can access any content in the browser. The skill also reads/writes a user config at ~/.config/omni-research/config.json (which can hold URLs/keys). The SKILL.md doesn't fully surface the cliproxy/api fallback or the hardcoded key, so the agent could send scraped content to the configured proxy if that endpoint is set to an external host.
Install Mechanism
No install spec is provided (instruction/code-runner model), which keeps install risk low, but the package includes Python scripts that will be executed locally. Dependencies are standard (httpx, websockets). Because there is no explicit vetted package/URL, users will run code directly from this repo — they should inspect it before executing.
Credentials
The registry lists no required env vars or credentials, but the code uses a configurable 'cliproxy_url' and 'cliproxy_key' stored in ~/.config/omni-research/config.json. research.py defines a non-empty default 'cliproxy_key' ('magi-proxy-key-2026') while setup.py writes an empty default — an incoherence that could cause unintended use of a key or proxy. The skill can be configured to call arbitrary endpoints, which would allow exfiltration of scraped content if misconfigured.
Persistence & Privilege
The skill does not request 'always: true' or other persistent platform privileges and does not attempt to modify other skills. However, the runtime requires the browser to be started with remote debugging enabled, which grants the local process (this skill) powerful control over the browser and any logged-in sessions — a legitimate need for the feature but a significant privilege that users must accept consciously.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install omni-research - After installation, invoke the skill by name or use
/omni-research - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: multi-source browser research via CDP (Perplexity + Grok + Gemini)
Metadata
Frequently Asked Questions
What is Omni Research?
Multi-source deep research using your own browser. Queries Perplexity, Grok, and Gemini in parallel via CDP — zero API keys, uses your existing subscriptions. It is an AI Agent Skill for Claude Code / OpenClaw, with 435 downloads so far.
How do I install Omni Research?
Run "/install omni-research" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Omni Research free?
Yes, Omni Research is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Omni Research support?
Omni Research is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Omni Research?
It is built and maintained by lmanchu (@lmanchu); the current version is v1.0.0.
More Skills