← Back to Skills Marketplace
michaellod

lock-me-in

by MichaelLod · GitHub ↗ · v1.2.0 · MIT-0
cross-platform ⚠ suspicious
315
Downloads
0
Stars
0
Active Installs
5
Versions
Install in OpenClaw
/install lock-me-in
Description
Remote browser login and session persistence for headless servers. Start an interactive browser session via a temporary public URL (cloudflared tunnel), let...
README (SKILL.md)

lock-me-in

Remote browser login via temporary public URL. The user logs in visually; cookies persist for future automation.

How It Works

  1. Agent launches headless Chromium with Playwright
  2. A web UI streams live screenshots of the browser
  3. Cloudflared creates a temporary public tunnel URL
  4. User opens the link, clicks/types to log in
  5. Session (cookies + localStorage) saved to disk
  6. Future Playwright sessions load the saved state

Quick Start

# Start a login session
node \x3Cskill-dir>/scripts/browser-login.mjs \x3Curl> \x3Csession-name>

# Examples
node \x3Cskill-dir>/scripts/browser-login.mjs https://linkedin.com/login linkedin
node \x3Cskill-dir>/scripts/browser-login.mjs https://github.com/login github
node \x3Cskill-dir>/scripts/browser-login.mjs https://mail.google.com gmail

Run in background with nohup, capture the tunnel URL from stdout:

nohup node \x3Cskill-dir>/scripts/browser-login.mjs \x3Curl> \x3Cname> > /tmp/lock-me-in.log 2>&1 &
# Wait for URL:
grep -m1 'LOGIN URL' /tmp/lock-me-in.log

Send the tunnel URL to the user via their messaging channel.

Loading Saved Sessions

To use a saved session in Playwright automation:

import { chromium } from 'playwright-core';

const browser = await chromium.launch({ executablePath: CHROME_PATH, headless: true, args: ['--no-sandbox'] });
const context = await browser.newContext({
  storageState: '/data/home/.browser-sessions/\x3Csession-name>/storage.json'
});
const page = await context.newPage();
await page.goto('https://linkedin.com/feed'); // Already logged in!

Session Storage

Sessions persist at /data/home/.browser-sessions/\x3Cname>/:

  • storage.json — Cookies + localStorage (Playwright format)
  • meta.json — Session metadata (last URL, timestamp, cookie count)

List saved sessions: ls /data/home/.browser-sessions/

Configuration

Environment variables:

  • LOCK_ME_IN_SESSIONS_DIR — Override sessions dir (default: /data/home/.browser-sessions)
  • LOCK_ME_IN_CHROME_PATH — Override Chrome path (auto-detected from Playwright)
  • LOCK_ME_IN_PORT — Override local proxy port (default: 18850)
  • OPENCLAW_PROXY_URL — HTTP proxy for browser traffic (auto-parsed for auth)

Script flags:

  • --port=N — Local proxy port
  • --timeout=N — Auto-close after N seconds (default: 900 = 15 min)

Requirements

  • Playwright-compatible Chromium (installed via npx playwright install chromium)
  • cloudflared binary for tunneling (install: curl -sL https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64 -o /usr/local/bin/cloudflared && chmod +x /usr/local/bin/cloudflared)
  • Node.js 18+

Web UI Controls

  • Click on screenshot to click that position
  • Send types text into the focused element
  • Tab / Enter for keyboard navigation
  • ← Back browser back button
  • ↓ Scroll scroll down
  • Navigate go to a specific URL
  • 💾 Save persist session without closing
  • ✅ Done save and close everything

Security Notes

  • Tunnel URLs are random and short-lived (valid only while the process runs)
  • No authentication on the tunnel by default — share the URL only with the intended user
  • Sessions contain auth cookies — treat storage.json as sensitive
  • Auto-closes after 15 minutes by default to limit exposure
Usage Guidance
This skill does what it says (a remote headless-browser login tunnel that saves cookies/localStorage), but it has several caution points you should consider before installing or running it: - Registry metadata omits actual runtime requirements. SKILL.md and the script require Node.js, Playwright/Chromium, and cloudflared; ensure those are installed from official sources. - The script exposes an unauthenticated public tunnel URL (cloudflared). Treat any tunnel URL as extremely sensitive — do not share it outside a trusted channel, and prefer enabling tunnel access controls (short-lived tokens, IP whitelisting, or auth) if possible. - The tool persists storage.json (cookies + localStorage). Those files effectively contain live authentication and should be stored with strict file permissions, encrypted at rest, and rotated/cleared when no longer needed. - The script injects stealth anti-detection code into pages. That is commonly used for automation, but combined with persistent sessions it could be abused for automated account access. Review the code carefully and consider running it in an isolated VM/container and with an account that can be revoked (not your primary account). - The code references a hard-coded Playwright path ('/app/node_modules/playwright-core') and probes specific home/cache paths; review and, if needed, set LOCK_ME_IN_CHROME_PATH and LOCK_ME_IN_SESSIONS_DIR to controlled locations. - Do not set OPENCLAW_PROXY_URL or similar proxy env vars to untrusted values; a proxy can capture credentials and page content. If you want to proceed: run the script only in an isolated environment, limit tunnel exposure (add auth or VPN), audit the entire script (including the parts not shown here), and prefer ephemeral/test credentials when using it until you are comfortable with its behavior.
Capability Analysis
Type: OpenClaw Skill Name: lock-me-in Version: 1.2.0 The 'lock-me-in' skill bundle (scripts/browser-login.mjs) provides a mechanism to remotely control a headless browser and persist authentication sessions. It uses 'cloudflared' to create a public tunnel (trycloudflare.com) to a local web UI, allowing remote interaction with the browser. However, the tunnel is unauthenticated by default, and the script includes a high-risk '/eval' endpoint that allows arbitrary JavaScript execution within the browser context. While these features support the stated goal of remote login, the combination of public exposure, lack of access control, and powerful execution capabilities creates a significant security risk for session hijacking and unauthorized remote control.
Capability Assessment
Purpose & Capability
The skill claims to provide a remote browser login proxy and the included script implements that. However the registry metadata declared no requirements while SKILL.md and the script require Playwright/Chromium, cloudflared, and Node.js. The script also hard-codes an import path ('/app/node_modules/playwright-core') and probes Playwright caches and specific filesystem paths — these implementation details are plausible for the stated purpose but are not reflected in the registry metadata and look platform-specific.
Instruction Scope
Runtime instructions and the script start a headless browser, expose a web UI, and create a temporary public cloudflared tunnel with no built-in authentication. SKILL.md tells the operator/agent to 'Send the tunnel URL to the user via their messaging channel.' Exposing an unauthenticated, short-lived public UI that accepts clicks/keyboard input and persists auth cookies is within the feature set but is a high-risk action scope (sensitive session data may be exposed if the URL leaks). The script also injects stealth/anti-detection scripts into pages — appropriate for automation but increases risk if abused.
Install Mechanism
This is an instruction-only skill with one shipped script and no install spec. No external binary is downloaded by the skill itself. SKILL.md instructs how to install cloudflared (GitHub release URL) and Playwright via npx, which are conventional but will be performed manually by the operator.
Credentials
The registry metadata listed no required env vars, but SKILL.md and the script use multiple environment variables (LOCK_ME_IN_SESSIONS_DIR, LOCK_ME_IN_CHROME_PATH, LOCK_ME_IN_PORT, OPENCLAW_PROXY_URL and in code LOCK_ME_IN_CLOUDFLARED). OPENCLAW_PROXY_URL or LOCK_ME_IN_CLOUDFLARED could carry credentials or control where traffic is proxied. The skill writes sensitive session state (storage.json containing cookies/localStorage) to disk; that is expected for the purpose but is highly sensitive and the skill does not provide enforced protection or encryption for those files.
Persistence & Privilege
The skill does not request always:true and does not appear to modify other skills or system-wide configuration. It persists session files to a sessions directory (default /data/home/.browser-sessions), which is normal for its purpose but increases blast radius if the environment is shared. The platform-default ability for the agent to invoke the skill autonomously combined with saved authenticated sessions is worth caution.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install lock-me-in
  3. After installation, invoke the skill by name or use /lock-me-in
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
Mobile touch click fix, /eval and /click-text endpoints for JS elements (Google OAuth), SingletonLock auto-cleanup, crash-safe signal handlers, 1920x1080 viewport, persistent Chrome profile with stealth evasions
v1.1.0
Stealth evasions (anti-bot detection bypass), Clear/Backspace buttons, improved Back button, popup handling for social logins, removed playwright-extra dependency
v1.0.2
Add Clear and Backspace buttons, fix Back button with keyboard fallback, improved field editing UX
v1.0.1
Fix UTF-8 encoding, add social login popup support, improve proxy auth handling
v1.0.0
Initial release
Metadata
Slug lock-me-in
Version 1.2.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 5
Frequently Asked Questions

What is lock-me-in?

Remote browser login and session persistence for headless servers. Start an interactive browser session via a temporary public URL (cloudflared tunnel), let... It is an AI Agent Skill for Claude Code / OpenClaw, with 315 downloads so far.

How do I install lock-me-in?

Run "/install lock-me-in" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is lock-me-in free?

Yes, lock-me-in is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does lock-me-in support?

lock-me-in is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created lock-me-in?

It is built and maintained by MichaelLod (@michaellod); the current version is v1.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments