← Back to Skills Marketplace
hsyhph

Browser Stagehand

by hsyhph · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
172
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-browser-stagehand
Description
Automate web browser interactions using natural language via CLI commands. Use when the user asks to browse websites, navigate web pages, extract data from w...
Usage Guidance
This skill appears to implement the advertised browser automation CLI, but the registry metadata omits important runtime requirements and behaviors. Before installing or running it, consider the following: (1) the docs expect an ANTHROPIC_API_KEY (and optionally Browserbase API keys) stored in .env or exported — do not place unrelated secrets there; (2) the tool uses a persistent Chrome profile (.chrome-profile) and will preserve cookies/sessions — use a dedicated profile or run in a disposable environment if you don't want session data retained; (3) downloads go to ./agent/downloads and screenshots to ./agent/browser_screenshots — review those directories and clean them after use; (4) the setup requires running `npm install`/`npm link` which installs external packages — inspect package.json and dependency sources before installing; (5) the skill auto-selects remote vs local mode without prompting, which could cause it to use remote services if API keys are present; (6) ask the publisher to update registry metadata to list required env vars (ANTHROPIC_API_KEY, optional BROWSERBASE_API_KEY/BROWSERBASE_PROJECT_ID), required binaries (Chrome), and to provide a source repository so you can inspect code. If you cannot verify these details, run the tool in an isolated container or VM and avoid sharing production credentials.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-browser-stagehand Version: 1.0.0 The skill provides extensive browser automation capabilities using the Stagehand library, including full network access (with explicit mention of localhost/internal networks), persistent session storage via '.chrome-profile/', and automatic file downloads to the local filesystem. While these features are documented in REFERENCE.md and EXAMPLES.md as necessary for the tool's stated purpose, they represent high-risk behaviors—specifically the ability to interact with internal services and perform 'stealth' operations (e.g., launching the browser off-screen at -9999,-9999). Per the analysis criteria, these risky capabilities warrant a suspicious classification despite the lack of clear evidence of malicious intent.
Capability Assessment
Purpose & Capability
Name/description (browser automation) aligns with the CLI commands and examples. Using an LLM-backed Stagehand and a remote provider (Browserbase) is plausible for this purpose. However, the skill metadata claims no required env vars/binaries while the instructions clearly require or recommend ANTHROPIC_API_KEY and optionally BROWSERBASE_API_KEY / BROWSERBASE_PROJECT_ID, and Chrome — a discrepancy that should be explained.
Instruction Scope
SKILL.md and REFERENCE.md explicitly instruct the agent/user to read .env, check setup.json, use a persistent Chrome profile (.chrome-profile/), save downloads to ./agent/downloads/, and automatically choose remote vs local based on available API keys with 'No user prompting'. Those actions expand scope beyond a simple 'run this CLI' skill: reading .env (sensitive), persisting session cookies, writing downloads/screenshots to agent folders, and automatic non-interactive selection increase risk and should have been declared up-front.
Install Mechanism
The skill is instruction-only (no install spec) which is lower risk, but setup.json tells users to run `npm install` and `npm link` to create a global `browser` command. Installing arbitrary npm dependencies carries supply-chain risk and should be made explicit in registry metadata (package.json, exact dependency list, and source repo).
Credentials
Registry metadata lists no required env vars, but setup.json and docs instruct to provide ANTHROPIC_API_KEY and detect BROWSERBASE_API_KEY and BROWSERBASE_PROJECT_ID in .env. Those are sensitive credentials; requiring them makes sense for an LLM-driven and/or remote-browser service — but their absence from the declared `requires.env` is a clear mismatch and a red flag. Also using a persistent Chrome profile means the tool may access or retain cookies/session data.
Persistence & Privilege
The skill does not set always:true and does not request elevated agent privileges. However it deliberately uses a persistent Chrome profile and saves downloads/screenshots to agent directories, and configures Chrome to run off-screen. Persistence of .chrome-profile and automatic download behavior could cause long-lived local state (cookies, auth) and should be considered by users before enabling.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-browser-stagehand
  3. After installation, invoke the skill by name or use /openclaw-browser-stagehand
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
openclaw-browser-stagehand 1.0.0 - Initial release of browser automation skill for CLI. - Supports both local Chrome and remote Browserbase environments with automatic selection. - Provides commands to navigate, interact, extract data, observe elements, take screenshots, and close the browser. - No user prompting required for environment selection—decision is based on available configuration. - Includes setup instructions, best practices, and troubleshooting guidance.
Metadata
Slug openclaw-browser-stagehand
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Browser Stagehand?

Automate web browser interactions using natural language via CLI commands. Use when the user asks to browse websites, navigate web pages, extract data from w... It is an AI Agent Skill for Claude Code / OpenClaw, with 172 downloads so far.

How do I install Browser Stagehand?

Run "/install openclaw-browser-stagehand" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Browser Stagehand free?

Yes, Browser Stagehand is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Browser Stagehand support?

Browser Stagehand is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Browser Stagehand?

It is built and maintained by hsyhph (@hsyhph); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments