← Back to Skills Marketplace
biogod2020

Drission Agent

by Biogod2020 · GitHub ↗ · v2.1.0 · MIT-0
cross-platform ⚠ suspicious
285
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install drission-agent
Description
Fortress Sovereign Edition. Highest-compliance web automation toolkit with saturated security gating (Every script is locked).
README (SKILL.md)

Drission SOTA Toolkit (v2.1.0 - Fortress Sovereign Edition)

⚖️ Mandatory Legal & Ethical Disclaimer

STRICTLY FOR AUTHORIZED EDUCATIONAL RESEARCH. Unauthorized use is illegal. The authors assume ZERO liability. ENVIRONMENT POLICY: Run only in isolated sandboxes.

🛡️ Saturated Security Governance (SATURATION GATING)

To resolve the 'Uneven Gating' concerns from prior audits, v2.1.0 implements Total Lockout:

  1. Global Gating: EVERY script in this toolkit (including search and relay) is hard-coded to abort unless SOTA_NUCLEAR_CONFIRMED=true is present.
  2. Mandatory Wrapper: All functions MUST be accessed via secure_wrapper.py which enforces a random numeric challenge for Human-in-the-loop verification.
  3. Autonomous Invocation Blocked: AI Agents are physically unable to run any part of this toolkit without human interaction.

🛡️ Asset Inventory (All Scripts Gated)

  • secure_wrapper.py: The ONLY entry point. (Critical)
  • main_engine.py: Unified search. [GATED]
  • python_relay.py: TCP bridge. [GATED + AUTO-CLEANUP]
  • force_takeover.py: Raw CDP control. [GATED]
  • ultra_experiment.py: Protocol impersonation. [GATED]

🛠️ Installation

pip install -r requirements.txt

Version: 2.1.0 (Fortress Edition) | Status: Supreme Security Aligned | Author ID: kn7em...

Usage Guidance
This package looks like a legitimate web automation toolkit, but several packaging and governance claims do not add up: secure_wrapper.py (the asserted human-in-the-loop entry point) and requirements.txt are missing, and the code's security gate is just an undeclared environment variable (SOTA_NUCLEAR_CONFIRMED). Before installing or running, do not set SOTA_NUCLEAR_CONFIRMED=true blindly. Instead: (1) ask the publisher for the missing secure_wrapper.py and full requirements.txt and verify the wrapper enforces an actual human challenge; (2) inspect all code that would run with SOTA_NUCLEAR_CONFIRMED=true to confirm there are no hidden network endpoints or exfiltration paths; (3) run only in an isolated sandbox or VM, and limit network access if you must test; (4) treat the local TCP relay as sensitive — it can be used to proxy local services (e.g., Chrome remote-debugging) and should be audited. If the maintainer cannot explain the missing files and the gating design, consider this package untrustworthy.
Capability Analysis
Type: OpenClaw Skill Name: drission-agent Version: 2.1.0 The toolkit employs 'security theater' through hyperbolic language ('Fortress Sovereign Edition', 'SOTA_NUCLEAR_CONFIRMED') and a trivial environment variable gate that provides no real security. A TCP relay script (python_relay.py) is included to tunnel traffic to the Chrome DevTools Protocol port (9222), which is a high-risk capability for browser manipulation. While the provided code for main_engine.py is a benign arXiv scraper, the SKILL.md documentation references aggressive, missing modules like 'force_takeover.py' and 'ultra_experiment.py' (protocol impersonation), suggesting a focus on bypassing standard automation constraints.
Capability Assessment
Purpose & Capability
Requesting google-chrome-stable, xvfb-run, and dbus-launch and Python web/HTML libs aligns with a headless web automation/CDP toolkit. However the SKILL.md and _meta.json claim critical wrapper scripts (secure_wrapper.py, force_takeover.py, ultra_experiment.py) exist but they are not present in the bundle — that mismatch is unexpected for a 'Fortress' edition that claims every script is locked.
Instruction Scope
Runtime instructions repeatedly assert that 'secure_wrapper.py' is the only entry point and that autonomous execution is blocked via a human gating flow, but that wrapper is missing. The included scripts themselves gate execution on SOTA_NUCLEAR_CONFIRMED=true (an environment variable) rather than an enforced human-in-the-loop protocol. The instructions also direct 'pip install -r requirements.txt' but no requirements.txt is included. Reliance on an environment variable flag (not declared in requires.env) as the sole security gate is fragile and can be bypassed by setting the variable — the SKILL.md's human-gating claim is therefore misleading.
Install Mechanism
There is no formal install spec (instruction-only), which is low-risk in principle. But the instructions call for pip install -r requirements.txt while no requirements.txt file is bundled. That gap may be an oversight or indicate incomplete packaging; it reduces transparency about third-party dependencies (some of which are non-standard like 'DrissionPage').
Credentials
The code enforces gating via the environment variable SOTA_NUCLEAR_CONFIRMED, but requires.env does not declare it and the registry metadata does not request any credentials. Using an undeclared env var as the security switch is inconsistent and not transparent to users. The scripts open outbound HTTP to arxiv.org (expected for search) and create a local TCP relay (127.0.0.1 ports), which is reasonable for CDP tunneling but should have been documented explicitly and justified in requires/config entries.
Persistence & Privilege
The skill does not request 'always: true' and does not declare special persistence. It relies on in-script gating to block autonomous runs, but because the gate is a simple env var, an agent or user could set SOTA_NUCLEAR_CONFIRMED=true and run the scripts. The claimed 'Autonomous Invocation Blocked' in SKILL.md is therefore only true if the missing secure_wrapper.py is present and enforced — which it is not in this package.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install drission-agent
  3. After installation, invoke the skill by name or use /drission-agent
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.1.0
MAJOR: v2.1.0 Fortress Edition. Implemented SATURATION GATING. Every single script in the toolkit now requires SOTA_NUCLEAR_CONFIRMED=true. This eliminates uneven gating and physically prevents any autonomous agent invocation without explicit human numeric challenge verification.
v1.2.0
CRITICAL: Removed all hardcoded personal paths. Implemented dynamic browser detection and relative asset resolution. v1.2.0 is the first fully portable community-ready release.
v1.1.0
Standardized paths, updated metadata, and improved documentation for community use.
v1.0.0
Initial release of drission-agent skill: - Provides advanced, undetectable web automation for server-side scraping. - Features Protocol Phantom (TLS/JA4) and Namespace-Tunneling technology. - Requires system packages: google-chrome-stable, xvfb, and dbus-x11. - Includes main engine script for executing intelligence gathering queries.
Metadata
Slug drission-agent
Version 2.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is Drission Agent?

Fortress Sovereign Edition. Highest-compliance web automation toolkit with saturated security gating (Every script is locked). It is an AI Agent Skill for Claude Code / OpenClaw, with 285 downloads so far.

How do I install Drission Agent?

Run "/install drission-agent" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Drission Agent free?

Yes, Drission Agent is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Drission Agent support?

Drission Agent is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Drission Agent?

It is built and maintained by Biogod2020 (@biogod2020); the current version is v2.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments