← 返回 Skills 市场
Abby Browser
作者
earnabitmore365
· GitHub ↗
· v1.0.0
620
总下载
0
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install abby-browser
功能描述
基于 OpenClaw 的浏览器工具,支持自然语言控制网页打开、截图、点击、输入、表单填写、数据提取和页面操作。
使用说明 (SKILL.md)
Abby Browser Skill
基于 OpenClaw 内置浏览器工具封装
解决的问题
让爸爸可以用自然语言控制浏览器,不需要记住复杂命令。
核心功能
| 功能 | 命令 | 示例 |
|---|---|---|
| 打开网页 | open |
打开 Google |
| 截图 | screenshot |
截取当前页面 |
| 点击 | click |
点击按钮 |
| 输入 | type |
输入文字 |
| 填表单 | fill |
填写表单 |
| 提取数据 | snapshot |
获取页面内容 |
| 等待 | wait |
等待加载 |
| 滚动 | scroll |
滚动页面 |
使用方法
在对话中
爸爸:帮我打开 Google
Abby:好的爸爸!让我打开 Google...
[执行 openclaw browser open https://google.com]
✅ 已打开 Google
爸爸:帮我截图
Abby:好的,截个图...
[执行 openclaw browser screenshot]
📸 截图已保存
爸爸:帮我点击登录按钮
Abby:好的...
[执行 openclaw browser click 12]
✅ 已点击
常用命令
# 打开网页
openclaw browser open https://example.com
# 截图
openclaw browser screenshot
openclaw browser screenshot --full-page
# 点击元素 (需要先 snapshot 获取 ref)
openclaw browser click 12
openclaw browser click 12 --double
# 输入文字
openclaw browser type 12 "hello world"
# 填写表单
openclaw browser fill --fields '[{"ref":"1","value":"xxx"}]'
# 获取页面快照
openclaw browser snapshot
openclaw browser snapshot --format aria
# 等待
openclaw browser wait --text "Done"
openclaw browser wait --selector ".content"
# 滚动
openclaw browser evaluate --fn 'window.scrollTo(0, document.body.scrollHeight)'
封装脚本
scripts/open.py
打开网页的封装脚本。
scripts/screenshot.py
截图的封装脚本。
scripts/click.py
点击元素的封装脚本。
scripts/form.py
表单填写的封装脚本。
scripts/extract.py
数据提取的封装脚本。
重要概念
1. Element Reference (ref)
每次执行 snapshot 后,元素会有一个编号 (ref):
\x3Cbutton ref="12">登录\x3C/button>
\x3Cinput ref="23" />
点击 ref=12:openclaw browser click 12
2. Snapshot 格式
--format ai(默认) - AI 理解--format aria- 辅助功能树
3. 等待加载
操作前最好等待:
openclaw browser wait --text "加载完成"
安全考虑
- ❌ 不自动执行危险操作
- ✅ 执行前确认
- ✅ 记录操作日志
- ✅ 异常处理
依赖
- OpenClaw browser 工具
- Chrome/Chromium 浏览器
相关文档
创建于 2026-02-15
安全使用建议
This skill is a straightforward wrapper around the OpenClaw browser CLI and appears to do what it says. Before installing, verify you trust the source (homepage is missing and source is 'unknown'), and confirm you have the official openclaw CLI and Chrome/Chromium installed. Be aware: the scripts can execute page JavaScript and return page contents (normal for a browser tool), so do not allow use on pages containing sensitive data unless you trust the agent's actions. Also note the SKILL.md promises confirmation/logging but the shipped scripts do not implement explicit user confirmation or persistent logs — if you need those safety guarantees, ask the author for implementation or avoid using the skill for destructive or sensitive tasks.
功能分析
Type: OpenClaw Skill
Name: abby-browser
Version: 1.0.0
The skill is classified as suspicious due to a critical JavaScript injection vulnerability found in `scripts/extract.py`. The `extract_text` function directly embeds the `selector` argument, taken from `sys.argv`, into a JavaScript string executed via `openclaw browser evaluate --fn`. This lack of input sanitization allows an attacker to inject arbitrary JavaScript code into the browser context, potentially leading to data exfiltration (e.g., cookies, local storage, page content) or other client-side attacks. While there is no clear evidence of intentional malicious behavior by the skill developer, this vulnerability presents a significant security risk.
能力评估
Purpose & Capability
The skill's name/description state it wraps the OpenClaw browser for actions like open, click, screenshot and extract — the included scripts invoke the 'openclaw browser' CLI exactly as expected. Minor mismatch: registry metadata lists no required binaries while both SKILL.md and the scripts require the 'openclaw' CLI and a Chrome/Chromium browser; that should be declared but is not malicious.
Instruction Scope
SKILL.md and the scripts instruct only to run OpenClaw browser commands and to operate on web pages. The scripts do execute arbitrary page JS via evaluate and return page content (expected for a browser skill). The SKILL.md claims confirmation, logging, and not auto-executing dangerous operations, but the provided scripts do not implement explicit user confirmation or logging — this documentation/implementation gap is a behavioral mismatch to be aware of.
Install Mechanism
No install spec or external downloads; the skill is instruction + local Python scripts that invoke an existing CLI. No remote code fetch, archive extraction, or third-party package installs are present in the package.
Credentials
The package requires no environment variables or credentials. It expects the local 'openclaw' CLI and a browser to be present (declared in SKILL.md). There are no requests for unrelated secrets or system credentials in code or docs.
Persistence & Privilege
always:false and no modifications to other skills or system-wide settings. The skill does not request permanent platform privileges; autonomous invocation is allowed by default but not excessive here. No self-enabling or config changes detected.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install abby-browser - 安装完成后,直接呼叫该 Skill 的名称或使用
/abby-browser触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of abby-browser skill.
- Enables natural language browser control without complex commands.
- Supports opening webpages, taking screenshots, clicking elements, typing input, filling forms, extracting data, waiting, and scrolling.
- Provides clear command examples for both chat and terminal usage.
- Includes built-in scripts for common browser actions.
- Emphasizes security with operation confirmation, logging, and error handling.
元数据
常见问题
Abby Browser 是什么?
基于 OpenClaw 的浏览器工具,支持自然语言控制网页打开、截图、点击、输入、表单填写、数据提取和页面操作。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 620 次。
如何安装 Abby Browser?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install abby-browser」即可一键安装,无需额外配置。
Abby Browser 是免费的吗?
是的,Abby Browser 完全免费(开源免费),可自由下载、安装和使用。
Abby Browser 支持哪些平台?
Abby Browser 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Abby Browser?
由 earnabitmore365(@earnabitmore365)开发并维护,当前版本 v1.0.0。
推荐 Skills