← Back to Skills Marketplace
agentossoftware

SurfAgent

by AgentOSsoftware · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
103
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install surfagent
Description
Control a real Chrome browser via SurfAgent — navigate, click, type, screenshot, extract data, crawl sites, and automate web workflows. Uses your persistent...
Usage Guidance
Before installing, be aware this skill gives an agent the ability to control your real Chrome profile (read/set cookies, run JS, extract page contents). That is necessary for the described features but can expose sensitive data. Things to do before use: (1) Verify you install the SurfAgent daemon only from the official surfagent.app and review its GitHub repos; (2) do not set SURFAGENT_DAEMON_URL to a remote server you don't control — keep it at localhost unless you explicitly trust the endpoint; (3) review the surfagent-mcp npm package before running npx (it will be downloaded/executed); (4) run the daemon and the skill in an isolated account, container, or VM if you want to limit exposure of your primary browser profile; (5) require explicit, interactive user confirmation before letting an agent perform actions that access cookies, evaluate JS, or extract entire pages; and (6) ask the skill author to correct the registry metadata inconsistency (the SKILL.md declares SURFAGENT_DAEMON_URL but the registry metadata lists none). If you cannot confirm these points, treat the skill as high-risk and avoid installing it on machines with sensitive browser sessions.
Capability Analysis
Type: OpenClaw Skill Name: surfagent Version: 1.0.0 The skill bundle provides an AI agent with extensive control over a user's local Chrome browser, including high-risk capabilities such as reading and setting browser cookies (`browser_cookies`) and executing arbitrary JavaScript (`browser_evaluate`) within the page context. While these features are aligned with the stated purpose of advanced browser automation and session persistence, they grant the agent access to sensitive login data and the ability to perform actions on the user's behalf. The reliance on an external local daemon and an MCP server (`surfagent-mcp`) further expands the attack surface, as documented in SKILL.md and README.md.
Capability Assessment
Purpose & Capability
The SKILL.md describes exactly the capabilities you'd expect from a local browser-control tool (navigate, click, evaluate JS, read cookies, screenshots). However the registry metadata earlier said 'required env vars: none' while the SKILL.md declares a required_environment_variable SURFAGENT_DAEMON_URL — this mismatch is unexplained and worth clarifying.
Instruction Scope
Instructions explicitly allow running arbitrary JavaScript in pages, reading and setting cookies, extracting full HTML/text, and using a persistent Chrome profile with real cookies/sessions. Those are appropriate for browser automation, but they also enable access to very sensitive personal data; the SKILL.md does not add guardrails or limit these actions. It also instructs use of 'npx surfagent-mcp' which will fetch code at runtime.
Install Mechanism
This is instruction-only (no install spec). The skill tells users to download SurfAgent from surfagent.app and to run npx surfagent-mcp (which pulls code from the npm registry). Those are normal for a connector, but they do cause external packages/binaries to be fetched and executed outside the skill bundle; the sources referenced (surfagent.app and GitHub repos) appear plausible and not obfuscated.
Credentials
The SKILL.md requires SURFAGENT_DAEMON_URL (default http://localhost:7201). A configurable daemon URL is powerful: if set to a remote endpoint, the agent could send page contents, cookies, and other sensitive data off the machine. The registry metadata not listing this env var is an inconsistency. No other credentials are requested, but the ability to read/set cookies and evaluate JS gives access to credentials and private data stored in the browser.
Persistence & Privilege
The skill does not request always:true and does not claim elevated system-wide persistence. Autonomous model invocation is allowed (platform default). Combined with the ability to access persistent browser sessions, autonomous invocation raises blast radius — consider that an agent could perform actions using your logged-in accounts if invoked without user oversight.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install surfagent
  3. After installation, invoke the skill by name or use /surfagent
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — 24 MCP browser tools, Hermes/OpenClaw/ClawHub compatible
Metadata
Slug surfagent
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is SurfAgent?

Control a real Chrome browser via SurfAgent — navigate, click, type, screenshot, extract data, crawl sites, and automate web workflows. Uses your persistent... It is an AI Agent Skill for Claude Code / OpenClaw, with 103 downloads so far.

How do I install SurfAgent?

Run "/install surfagent" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is SurfAgent free?

Yes, SurfAgent is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does SurfAgent support?

SurfAgent is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created SurfAgent?

It is built and maintained by AgentOSsoftware (@agentossoftware); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments