← Back to Skills Marketplace
ClickMap
by
jayton123456789-hub
· GitHub ↗
· v1.0.2
407
Downloads
0
Stars
3
Active Installs
3
Versions
Install in OpenClaw
/install clickmap
Description
Chrome UI automation skill for saving named on-screen targets and reusing them with reliable click/type actions. Use when browser automation is flaky, select...
README (SKILL.md)
ClickMap
Make flaky web automation stable: save named points once, then click/type by name every time.
Why people use this
- Stops brittle selector/DOM failures in UI automation flows
- Reuses human-readable names instead of random coordinates
- Great for repeat tasks: click target → type text → submit
Resources
- Extension folder:
assets/chrome-extension/ - Local bridge:
scripts/bridge-server.js - Optional launcher:
scripts/start-bridge.cmd - Autostart installer:
scripts/install-autostart.ps1 - Action runner:
scripts/clickmap-actions.ps1 - Data file:
data/pois.json
Capture flow (user)
- Load unpacked extension from
assets/chrome-extension. - Start bridge (
node scripts/bridge-server.jsorstart-bridge.cmd).- Optional:
powershell -ExecutionPolicy Bypass -File scripts/install-autostart.ps1 -RunNowto keep bridge auto-running after reload/login.
- Optional:
- Open target page (example:
https://suno.com/create). - Toggle marking ON from popup.
- Hover mouse at exact pixel and press P to add point.
- Native prompt opens: enter POI name and save.
- Press D while hovering near a point to delete nearest saved POI.
- Bright pink dots show saved points on that page.
POIs auto-sync to bridge when possible. Use popup Sync POIs if needed.
Agent action commands (no desktop-control)
Always use the ClickMap action runner for clicks/types:
# List points
powershell -ExecutionPolicy Bypass -File "$HOME/.openclaw/workspace/skills/clickmap/scripts/clickmap-actions.ps1" -Action list
# Click saved point exactly (screen coords)
powershell -ExecutionPolicy Bypass -File "$HOME/.openclaw/workspace/skills/clickmap/scripts/clickmap-actions.ps1" -Action click -PoiName "suno_com.LyricsBox"
# Type text into focused field (paste mode by default)
powershell -ExecutionPolicy Bypass -File "$HOME/.openclaw/workspace/skills/clickmap/scripts/clickmap-actions.ps1" -Action type -Text "hello world" -ClearFirst
# Click then type in one call
powershell -ExecutionPolicy Bypass -File "$HOME/.openclaw/workspace/skills/clickmap/scripts/clickmap-actions.ps1" -Action click-type -PoiName "suno_com.songName" -Text "Still Learning My Name (Remix)" -ClearFirst
Notes
- Best results come from POIs that include
coords.screen(new captures do this automatically). - If an old POI misses screen coords, just re-save it once.
- Use clear names (example:
suno_com.StylesBox) so automations stay readable. - The bridge runs locally on your machine (localhost only).
Usage Guidance
What to consider before installing or running this skill:
- Missing action runner: The skill advertises an action runner (clickmap-actions.ps1) and autostart scripts, but those files aren't included. Ask the publisher for the missing scripts or supply your own before relying on the skill for automated click/type flows.
- Local bridge CORS and default auth: The included bridge (scripts/bridge-server.js) listens on 127.0.0.1 and, by default, has no token. It sets Access-Control-Allow-Origin: * so any web page can read or write the POI data if the bridge is running without a token. If you run the bridge, set the CLICKMAP_TOKEN environment variable (and configure the extension to use it) to avoid leaving POIs accessible to arbitrary sites.
- Undeclared env vars: The package metadata declares no required env vars, but the bridge reads CLICKMAP_PORT and CLICKMAP_TOKEN. If you run the bridge, set CLICKMAP_TOKEN to a strong secret and consider changing the port if you have multiple local services.
- Data sensitivity: The supplied data/pois.json already contains POIs for login fields (e.g., PASSWORD_BOX). POIs may encode coordinates/selectors for sensitive UI elements; treat saved POIs as sensitive data and avoid running the bridge without a token.
- Source provenance: The skill's source and homepage are unknown. Consider running the Node bridge only from a controlled environment, inspect or replace the missing action scripts before use, and avoid enabling any autostart/install scripts until you can review them.
If you want, I can list the exact lines that implement the bridge API and where to change the code to require auth/CORS restrictions, or help you create a safe clickmap-actions.ps1 stub to match the advertised behavior.
Capability Analysis
Type: OpenClaw Skill
Name: clickmap
Version: 1.0.2
The ClickMap skill is a UI automation utility designed to record and replay web interactions using a Chrome extension and a local Node.js bridge server. The extension (content.js, background.js) captures element selectors and screen coordinates, which are then stored in a local JSON file (data/pois.json) via the bridge server (bridge-server.js). All network communication is restricted to localhost (127.0.0.1:18795), and the code lacks any indicators of data exfiltration, remote command execution, or malicious prompt injection. While it handles sensitive UI areas like password fields in its sample data, this behavior is consistent with its stated purpose of automating forms and dashboards.
Capability Assessment
Purpose & Capability
The skill claims to provide reliable click/type actions for automations, but the SKILL.md and UI repeatedly reference an action runner (scripts/clickmap-actions.ps1), an autostart installer, and a launcher (start-bridge.cmd) that are NOT present in the file manifest. The included files implement the Chrome extension and a local bridge that stores POIs, but no included script implements the agent-side click/type runner. Declared requirements list no env vars, yet the bridge supports CLICKMAP_PORT and CLICKMAP_TOKEN. This mismatch means the skill as packaged cannot perform the runtime click/type actions it advertises without additional missing files.
Instruction Scope
SKILL.md instructs users/agents to load the unpacked extension and run a local Node bridge; that's consistent with the included extension and scripts/bridge-server.js. However the runtime instructions also tell the agent to call a PowerShell action runner (for clicks/types) located at $HOME/.openclaw/.../scripts/clickmap-actions.ps1 which is not included. The extension/content scripts capture element selectors, viewport/screen coords, and call the local bridge via POST /api/pois. The instructions do not request any unrelated system files, but they grant the bridge endpoint broad CORS headers and (unless the user sets a token) no auth — the doc's claim
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clickmap - After installation, invoke the skill by name or use
/clickmap - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
Boost discoverability and trigger-matching copy
v1.0.1
Improve listing copy and wording for clarity
v1.0.0
Initial publish
Metadata
Frequently Asked Questions
What is ClickMap?
Chrome UI automation skill for saving named on-screen targets and reusing them with reliable click/type actions. Use when browser automation is flaky, select... It is an AI Agent Skill for Claude Code / OpenClaw, with 407 downloads so far.
How do I install ClickMap?
Run "/install clickmap" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ClickMap free?
Yes, ClickMap is completely free (open-source). You can download, install and use it at no cost.
Which platforms does ClickMap support?
ClickMap is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ClickMap?
It is built and maintained by jayton123456789-hub (@jayton123456789-hub); the current version is v1.0.2.
More Skills