Description

This skill enables an AI Agent to signin and retrieve data from websites via JS script.

README (SKILL.md)

Browser Ability Skill

Name: Enable AI Agent to retrive data from websites that need user signin
Author: faisalive

This skill enables an AI Agent to signin and retrieve data from websites via JS script (limited tools, if there's no tools for what user want, just direcly use browser via CDP connection), including sources that require manual user authentication. When authentication is required, the script provides a sign-in URL and a signin_id. The agent must hand off the sign-in process to the user, wait for confirmation, and then resume the data request using the provided signin_id. The skill enforces secure access through API key authentication and supports human-in-the-loop workflows for sensitive or protected data sources.

Setup

# Navigate to skill directory
cd skills/browser-ability

# Install dependencies
npm install

# Set CDP URL
# This CDP URL are the same with your browser CDP URL
export CDP_URL="http://[ipv6]:port"

Available Method

List Available Tools

npm run list

Call a Tool

npm run call -- TOOL_NAME --args='{"foo":"bar"}'

Call a Tool After Sign-In

npm run call -- TOOL_NAME --args='{"foo":"bar"}' --signinId=YOUR_SIGNIN_ID

Manual Sign-In Flow

Some Tool calls require the user to manually sign in to a website (e.g. e-commerce, banking, or account-based platforms).

The agent must not automate browser-based sign-in.

Step-by-Step Workflow

1. Initial API Call

The agent calls the target tool normally.

Example:

npm run call -- amazon_get_purchase_history

2. Sign-In Required Response

If sign-in is required, the script responds with a sign-in URL and a signin_id.

Example Response:

{
  "content": [
    {
      "type": "text",
      "text": "{\"url\":\"https://signinurl\",\"message\":\"Continue to sign in in your browser at https://signinurl.\",\"signin_id\":\"YOUR_SIGNIN_ID\",\"system_message\":\"Try open the url https://signinurl in a browser with a tool if available.Give the url to the user so the user can open it manually in their browser.Then call check_signin tool with the signin_id to check if the sign in process is completed. Once it is completed successfully, then call this tool again to proceed with the action.\"}"
    }
  ],
  "structuredContent": {
    "url": "https://signinurl",
    "message": "Continue to sign in in your browser at https://signinurl.",
    "signin_id": "YOUR_SIGNIN_ID",
    "system_message": "Try open the url https://signinurl in a browser with a tool if available.Give the url to the user so the user can open it manually in their browser.Then call check_signin tool with the signin_id to check if the sign in process is completed. Once it is completed successfully, then call this tool again to proceed with the action."
  },
  "isError": false
}

3. Agent Action (When Sign-In Is Required)

When a response contains url and signin_id, the agent must:

Inform the user that manual sign-in is required
Provide the sign-in URL to the user
Pause the automated process
Wait for the user to confirm sign-in completion

4. User Action

The user:

Opens the provided URL in their browser
Completes the sign-in process manually
Notifies the agent once sign-in is complete

5. Resume Tool Call

After user confirmation, the agent re-calls the same Tool, passing the signin_id as a query parameter.

Example:

npm run call -- amazon_get_purchase_history --signinId=YOUR_SIGNIN_ID

6. Final Result

If authentication is successful, the script returns the requested data (e.g. purchase history).

Agent Behavior Constraints

Do not open sign-in URLs automatically
Do not attempt to automate website login
Always wait for explicit user confirmation before continuing
Reuse the same tool endpoint after sign-in
If there's no tool available, just directly open browser and browse yourself via CDP

Example Use Case

Goal: Retrieve Amazon purchase history

Call amazon_get_purchase_history
Receive sign-in URL and signin_id
Ask the user to open the URL and sign in
Wait for confirmation
Re-call the API with signinId
Receive purchase history data

Goal: Open Amazon Change Password Page

Try open browser via CDP, open amazon change password page
Cannot open that page because require sign in
Call amazon_signin
Receive sign-in URL and signin_id
Ask the user to open the URL and sign in
Wait for confirmation
Try open browser via CDP again
Success open change password page

Summary

This skill enables secure website signin by:

Delegating sensitive authentication steps to the user
Resuming automated workflows after authentication
Enforcing consistent security practices

Usage Guidance

Do not install or run this skill unless you fully trust the remote MCP server and the skill author. Specific things to check or change before using it: (1) The registry metadata should declare required env vars (SERVER_URL, CDP_URL, optional SIGNIN_ID) and explain how SERVER_URL is authenticated/verified. (2) Understand that providing CDP_URL exposes a browser debug endpoint — an MCP server that receives it can control or read your browser session (cookies, pages, forms). Never provide CDP_URL for your normal browser; only use a sandboxed or disposable browser in a VM or isolated container and ensure the MCP server is trusted and uses TLS and auth. (3) Ask the author how API key authentication is implemented (SKILL.md claims API-key auth but the code doesn't set one). (4) Prefer the author remove automatic forwarding of CDP_URL to remote servers or require an explicit, documented trust/consent step. (5) If you must test, run the skill in an isolated environment (guest VM or ephemeral container) and do not use real accounts or browsers that contain sensitive cookies/credentials.

Capability Analysis

Type: OpenClaw Skill Name: browser-ability Version: 1.0.1 The skill is classified as suspicious due to its high-privilege browser control capabilities via Chrome DevTools Protocol (CDP) and a significant prompt injection risk in `SKILL.md`. The instruction "If there's no tool available, just directly open browser and browse yourself via CDP" could be exploited by a prompt-injected AI agent to perform unintended browsing actions, potentially accessing sensitive data or internal resources, despite other constraints in the documentation. Furthermore, the `script.js` sends the user's `CDP_URL` to an external `SERVER_URL` (MCP server), introducing a critical trust dependency where a compromised or malicious MCP server could gain full control over the user's browser session.

Capability Assessment

⚠ Purpose & Capability

The description says the skill enables sign-in and data retrieval via JS and CDP, which aligns with the code that uses a Model Context Protocol (MCP) client and a browser CDP URL. However the registry metadata lists no required environment variables or credentials while the code enforces two required env vars (CDP_URL and SERVER_URL). That metadata omission is an incoherence: a legitimate skill should declare SERVER_URL and CDP_URL as required if they are mandatory.

⚠ Instruction Scope

SKILL.md instructs the agent to hand sign-in to the user (no automated login) and to use a CDP connection when needed. But the instructions never mention SERVER_URL even though the runtime requires it, and they do not warn that the CDP_URL (a local browser debug endpoint) will be sent to the MCP server. The script sends x-cdp-url to the MCP transport headers — this is a scope creep / data-leak risk because it exposes a local debugging endpoint to a remote server.

ℹ Install Mechanism

This is an instruction + code skill that installs dependencies via npm (package.json points to @modelcontextprotocol/sdk and dotenv). There are no arbitrary downloads or scripts from untrusted URLs; dependencies are from the public npm registry which is normal but still carries typical npm package supply-chain risks.

⚠ Credentials

The skill's declared requirements say none, but the code requires CDP_URL and SERVER_URL environment variables (and optionally SIGNIN_ID). CDP_URL is highly sensitive (it exposes a remote API to control/read a browser). The skill also claims 'API key authentication' in SKILL.md but there is no declared or implemented API key env var or auth header in the script. Requiring and transmitting a local CDP URL to an external SERVER_URL is disproportionate to what the metadata indicates and risky.

⚠ Persistence & Privilege

always:false (good) but the skill connects to an external MCP server (SERVER_URL) and will include the CDP_URL header when connecting. If invoked (autonomously or by the user), that remote MCP endpoint could request actions routed to your browser CDP. The skill therefore grants a remote endpoint potential control or read access to the user's browser if the user supplies CDP_URL — this is a high-privilege capability and should be treated cautiously.

Version History

v1.0.1

browser-ability 1.0.1 - Updated skill description to clarify sign-in and data retrieval capabilities for websites via JS script. - No functional changes or file modifications in this release. - Documentation now briefly emphasizes signin and retrieval with JS script in the description.

v1.0.0

Initial release of browser-ability skill. - Enables data retrieval from websites using JS scripts or direct browser automation via CDP. - Supports manual user authentication for protected sources; provides sign-in URLs and signin_id for human-in-the-loop workflow. - Enforces secure access via API key authentication. - Details step-by-step manual sign-in process and agent responsibility for safe data access. - Allows direct browser control if no specific tool is available.

Metadata

Slug browser-ability

Version 1.0.1

License —

All-time Installs 2

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is Enable AI Agent to retrive data from websites that need user signin?

This skill enables an AI Agent to signin and retrieve data from websites via JS script. It is an AI Agent Skill for Claude Code / OpenClaw, with 963 downloads so far.

How do I install Enable AI Agent to retrive data from websites that need user signin?

Run "/install browser-ability" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Enable AI Agent to retrive data from websites that need user signin free?

Yes, Enable AI Agent to retrive data from websites that need user signin is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Enable AI Agent to retrive data from websites that need user signin support?

Enable AI Agent to retrive data from websites that need user signin is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Enable AI Agent to retrive data from websites that need user signin?

It is built and maintained by Faisal Akbar (@faisalive); the current version is v1.0.1.

More Skills

Enable AI Agent to retrive data from websites that need user signin