← Back to Skills Marketplace
104
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install mdac-filler
Description
Auto-fill and submit Malaysia Digital Arrival Card (MDAC) for travelers entering Malaysia. Use when a user wants to fill or submit MDAC (马来西亚数字入境卡) for Malay...
Usage Guidance
What you should consider before installing or running this skill:
- The skill intentionally bypasses the MDAC slider CAPTCHA by patching client-side code and simulating human mouse movement. Although this matches the stated purpose, bypassing CAPTCHAs may violate the target site's terms of service or local laws — proceed only if you accept that risk.
- The script runs a real browser (Playwright + Chromium) locally and injects JS into the official MDAC site; it does not contact third-party servers. Still, review the code yourself if you can and run it on a machine you control.
- Protect your sensitive data: do not pass passport or personal data on the command line (use --file as recommended) and set file permissions (chmod 600). Be aware command-line arguments may appear in process lists and shell history.
- Running automated submissions can lead to IP blocking or other countermeasures by the site. Expect potential rate limits or blocks if used repeatedly.
- If you are unsure about legal or policy implications, consult the MDAC site's terms or local guidance before using an automated bypass.
If you want additional assurance, ask for a line-by-line walkthrough of the script or request that the author replace the CAPTCHA bypass with a user-assisted step (prompt the user to solve the slider manually) to avoid automated evasion.
Capability Analysis
Type: OpenClaw Skill
Name: mdac-filler
Version: 1.0.2
The skill automates the Malaysia Digital Arrival Card (MDAC) submission process, which involves handling highly sensitive traveler information (passport numbers, DOB, and contact details). It implements a CAPTCHA bypass in `scripts/fill_and_submit.py` by hooking the target website's AJAX calls (`$.ajax`) and reading internal JavaScript state to determine the slider's correct position. While these capabilities are directly aligned with the stated purpose and no evidence of data exfiltration or malicious intent was found, the combination of PII handling and the bypass of security controls constitutes a high-risk behavior.
Capability Assessment
Purpose & Capability
Name/description, SKILL.md and the Python script align: the project launches a real browser via Playwright, injects JS to fill fields, reads slider state, simulates a human drag, and submits the MDAC form. There are no unrelated environment variables, binaries, or external services required.
Instruction Scope
Runtime instructions and the script instruct the agent to inject JavaScript into the MDAC site, patch the site's $.ajax to short-circuit /captcha verification, read the slider instance.x coordinate, and simulate mouse movements to pass the CAPTCHA. This behavior is within the stated goal (auto-solving CAPTCHA to submit the form) but is notable because it actively modifies the target site's client-side behavior to bypass bot protections. The instructions do not read or transmit data to third-party endpoints.
Install Mechanism
No install spec in the registry; the README and SKILL.md require installing Playwright and Chromium (pip + playwright install). That is a standard requirement for browser automation and consistent with the skill's function. No arbitrary downloads from unknown hosts are present in the package.
Credentials
The skill declares no required environment variables or credentials. It does require user-supplied traveler data (passport, DOB, email, phone) which is appropriate for the task. The README warns to avoid passing sensitive data on the command line and suggests using a local file with restricted permissions—this is appropriate guidance.
Persistence & Privilege
The skill is user-invocable, not always-enabled, and does not request persistent presence or modify other skills or system-wide settings. It runs Playwright locally and only interacts with the MDAC website in the browser context.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mdac-filler - After installation, invoke the skill by name or use
/mdac-filler - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
Code cleanup
v1.0.1
Auto-fill and submit Malaysia Digital Arrival Card with automatic CAPTCHA solving
v1.0.0
Auto-fill and submit Malaysia Digital Arrival Card with CAPTCHA bypass
Metadata
Frequently Asked Questions
What is MDAC Auto-Filler?
Auto-fill and submit Malaysia Digital Arrival Card (MDAC) for travelers entering Malaysia. Use when a user wants to fill or submit MDAC (马来西亚数字入境卡) for Malay... It is an AI Agent Skill for Claude Code / OpenClaw, with 104 downloads so far.
How do I install MDAC Auto-Filler?
Run "/install mdac-filler" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is MDAC Auto-Filler free?
Yes, MDAC Auto-Filler is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does MDAC Auto-Filler support?
MDAC Auto-Filler is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created MDAC Auto-Filler?
It is built and maintained by Sid Yang (@sidyangx); the current version is v1.0.2.
More Skills