← Back to Skills Marketplace
75
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install visual-bug-hunter
Description
视觉 Bug 定位与修复 Skill。当用户描述 GUI App 或 Web App 存在视觉 Bug(按钮点不了、元素重叠、布局错位、样式异常),或 AI 反复修 Bug 但无法自检验证效果,或需要对应用进行 UI 自动化测试时触发。通过截图感知 + UI 交互测试 + 控制台捕获 + 代码精准定位的闭环流程,...
Usage Guidance
This skill's goal (visual UI detection + minimal code fixes) is reasonable, but proceed cautiously: 1) Confirm which implementation you will run — the registry's instruction-only skill (no install) or the README's pip package/GitHub code; installing the package pulls external code. 2) Only run the skill in a sandbox or VM first because it requires screen-capture and accessibility permissions and will launch/drive apps (these capabilities can access more than just the project if misconfigured). 3) Verify the exact commands the agent will execute (app launch paths, subprocess usage) and ensure the 'project_directory_only' restriction is actually enforced by the platform before granting permissions. 4) Do not provide screenshots or point the agent at apps containing sensitive data until you trust the implementation; sanitize inputs. 5) Inspect the GitHub/pip source (if you intend to install) for any unexpected network calls, logging, or file system access. If you are unsure, ask the skill author for a reproducible security/privacy checklist and an explicit statement of OS support (macOS vs cross-platform) and required permissions.
Capability Analysis
Type: OpenClaw Skill
Name: visual-bug-hunter
Version: 1.1.0
The skill requests high-risk capabilities including screen capture (mcp_runtime screen.capture), UI automation (pyautogui, AppleScript), and process execution (subprocess.Popen) to facilitate visual bug hunting. While these capabilities are plausibly required for the stated purpose and the instructions in SKILL.md include safety constraints (e.g., limiting scope to the project directory), the inherent risk of granting an AI agent full UI control and screen access is significant. No evidence of intentional malice was found, but the broad permissions make it a high-risk tool.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description align with UI visual testing, code-localization, and automated interaction. However, the SKILL.md claims 'no local dependencies / no installs' while the workflow repeatedly references local tools (pyautogui, macOS screencapture, AppleScript, subprocess for launching apps) and the README advertises a pip package. That mismatch (instruction-only vs README/pip package and platform-specific tooling) is inconsistent and could lead to failure or unexpected behavior on non-mac systems or when required tools are absent.
Instruction Scope
Instructions direct the agent to capture screenshots, start/drive target apps, perform clicks/inputs, and capture stderr/stdout for the target process. While SKILL.md states file access is limited to a user-specified project directory, runtime steps (launching apps, capturing process logs, interacting with the desktop) require system-level capabilities and accessibility permissions that go beyond simple code reading. Those actions could potentially touch resources outside the project if mis-specified; the SKILL.md does not include explicit safeguards (e.g., validating app paths, requiring explicit user consent for accessibility privileges) or guidance to avoid accidental access to other files/processes.
Install Mechanism
There is no install spec in the registry (instruction-only), which is low-risk. However, the included README advertises pip installation and a GitHub repo and references a CLI script; that suggests an external package exists. The discrepancy between 'no install' claim and published package instructions is ambiguous and should be reconciled: if the user follows README/pip, that will install external code from PyPI/GitHub (higher risk) even though the skill registry entry itself installs nothing.
Credentials
The skill declares no required env vars or credentials, which is proportionate to the stated task. But it implicitly requires desktop automation permissions (screen capture, accessibility controls) and the ability to launch and capture stdout/stderr of user-specified apps. Those capabilities require OS-level permissions and could be abused if the agent is allowed to run arbitrary commands or given an incorrect target path. The skill also claims it will not access sensitive paths (~/.ssh, ~/.env, browser cookies), but those protections are declarative and not enforced by code here — the agent's runtime could still be directed to read other files unless the platform enforces the 'project_directory_only' scope.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence; it's user-invocable and does not declare modifications to other skills or system-wide settings. That is appropriate for its purpose.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install visual-bug-hunter - After installation, invoke the skill by name or use
/visual-bug-hunter - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
**Changelog for visual-bug-hunter v1.1.0**
- Added explicit security and permission disclosures, clarifying no external credentials or sensitive file access are required.
- Documented the install type as "skill" and limited the scope to the project directory only.
- Updated technical descriptions to highlight the use of built-in AI platform capabilities without external APIs.
- Clarified boundaries of file and process access for greater safety transparency.
- Added a dedicated section comparing this skill with similar tools for clearer positioning.
- Improved formatting, bug reporting, and verification examples for stronger usability.
v1.0.0
Initial release of Visual Bug Hunter Skill
- Enables AI to visually detect and fix GUI/Web App bugs through screenshot analysis, UI automation, log capture, and code diff generation.
- Uses "eye see + hand click" workflow for end-to-end Bug hunting, mapping visual problems directly to code lines.
- Minimizes unnecessary code changes by outputting only precise diffs, saving tokens.
- Includes self-verification via before/after screenshot comparison using vision models.
- Not applicable for pure backend, database, or API-without-UI bugs.
Metadata
Frequently Asked Questions
What is Visual Bug Hunter?
视觉 Bug 定位与修复 Skill。当用户描述 GUI App 或 Web App 存在视觉 Bug(按钮点不了、元素重叠、布局错位、样式异常),或 AI 反复修 Bug 但无法自检验证效果,或需要对应用进行 UI 自动化测试时触发。通过截图感知 + UI 交互测试 + 控制台捕获 + 代码精准定位的闭环流程,... It is an AI Agent Skill for Claude Code / OpenClaw, with 75 downloads so far.
How do I install Visual Bug Hunter?
Run "/install visual-bug-hunter" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Visual Bug Hunter free?
Yes, Visual Bug Hunter is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Visual Bug Hunter support?
Visual Bug Hunter is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Visual Bug Hunter?
It is built and maintained by yitao2027 (@yitao2027); the current version is v1.1.0.
More Skills