← Back to Skills Marketplace

Playwright WS

Name: Playwright WS
Author: first-it-consulting

by first-it-consulting · GitHub ↗ · v1.0.2 · MIT-0

cross-platform ⚠ suspicious

414

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install playwright-ws

Description

Browser automation via remote Playwright WebSocket server for screenshots, PDFs and testing.

Usage Guidance

This skill appears to do what it claims: connect to a Playwright WebSocket server to take screenshots, generate PDFs, and run tests. Before installing, make sure: 1) PLAYWRIGHT_WS points to a server you trust — that server can view and control every page you open (so do not point it at pages with secrets unless you trust the operator); 2) you understand npm install will pull the Playwright package (and may download browser binaries) — set PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD if you want to avoid browser downloads; 3) prefer wss:// URLs when crossing untrusted networks; 4) review package.json/package-lock if you require strict dependency vetting. If you need to avoid any remote exposure, run Playwright locally instead of using a remote WS endpoint.

Capability Analysis

Type: OpenClaw Skill Name: playwright-ws Version: 1.0.2 The playwright-ws skill bundle provides legitimate browser automation tools for generating screenshots, PDFs, and running tests via a remote Playwright WebSocket server. The implementation is well-documented, includes a comprehensive test suite, and follows security best practices by using spawnSync with array arguments in scripts like test-runner.js and package-skill.js to prevent shell injection. No evidence of data exfiltration, malicious persistence, or prompt injection was found.

Capability Assessment

✓ Purpose & Capability

Name/description (remote Playwright over WebSocket) match the code and SKILL.md. Required binary (node) and required env var (PLAYWRIGHT_WS) are appropriate and necessary for the skill's function. The scripts implement screenshots, PDF export, and a test runner which is consistent with the description.

ℹ Instruction Scope

SKILL.md and scripts only instruct connecting to a user-provided PLAYWRIGHT_WS endpoint and running the included scripts; they do not read unrelated system files or unexpected env vars. Important security note: any Playwright WebSocket server you connect to can control the browser and see page content (including forms, cookies/storage if used), so the remote server operator can observe or exfiltrate data from pages you render. This is expected behavior for a remote Playwright integration but is a real privacy/security consideration.

ℹ Install Mechanism

There is no platform install spec in registry metadata (instruction-only), but SKILL.md tells users to run `npm install`. package.json declares the 'playwright' dependency which typically pulls large packages and may download browser binaries on install. This is not malicious, but it can be heavyweight and may be unnecessary if you only want remote operation; consider using PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD or using playwright-core if you want to avoid local browser downloads.

✓ Credentials

The skill declares a single env var (PLAYWRIGHT_WS) as the primary credential which is proportionate. No unrelated secrets or multiple credentials are requested. Be aware that PLAYWRIGHT_WS functions as an endpoint/credential — providing it to the skill grants that server the ability to drive a browser session and view rendered content.

✓ Persistence & Privilege

The skill does not request always:true and does not modify other skills or system-wide configuration. It is user-invocable and can be invoked autonomously (platform default), which is expected and not flagged here.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install playwright-ws
After installation, invoke the skill by name or use /playwright-ws
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.2

Fix: standardize on PLAYWRIGHT_WS env var — test-runner.js was inconsistently using PLAYWRIGHT_SERVER

v1.0.1

Security: fix shell injection vulnerabilities in test-runner.js, package-skill.js and package-for-clawhub.js

v1.0.0

Initial release

Metadata

Slug playwright-ws

Version 1.0.2

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 3

Frequently Asked Questions

What is Playwright WS?

Browser automation via remote Playwright WebSocket server for screenshots, PDFs and testing. It is an AI Agent Skill for Claude Code / OpenClaw, with 414 downloads so far.

How do I install Playwright WS?

Run "/install playwright-ws" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Playwright WS free?

Yes, Playwright WS is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Playwright WS support?

Playwright WS is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Playwright WS?

It is built and maintained by first-it-consulting (@first-it-consulting); the current version is v1.0.2.

More Skills