← 返回 Skills 市场
bowen31337

alex-browser-use

作者 bowen31337 · GitHub ↗ · v1.1.0
cross-platform ⚠ malicious
381
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install alex-browser-use
功能描述
AI-powered browser automation using the browser-use library (v0.11+). Drives a real Chromium browser with an LLM agent to navigate, fill forms, click, scrape...
使用说明 (SKILL.md)

browser-use

Quick Start

import asyncio
from skills.browser_use.scripts.run_agent import stealth_session, gemini_llm
from browser_use import Agent

async def run(task: str):
    llm = gemini_llm()           # free — Google Cloud Code Assist OAuth
    session = stealth_session()  # anti-bot hardened
    agent = Agent(task=task, llm=llm, browser_session=session)
    result = await agent.run()
    return result.final_result()

print(asyncio.run(run("Go to example.com and return the page title")))

Run scripts via uv run python script.py (never bare python3).

⚠️ Anti-Detection Rules (MANDATORY — hardened 2026-03-07)

These rules are non-negotiable. Every BrowserSession MUST apply them or X/Google/etc will block you.

1. Always use stealth_session()

from skills.browser_use.scripts.run_agent import stealth_session
session = stealth_session()

What it does under the hood:

  • --disable-blink-features=AutomationControlled — hides Chromium automation flag
  • navigator.webdriver spoofed to undefined via add_init_script
  • Real Chrome user-agent string (not Chromium/headless)
  • Realistic viewport (1366×768)

2. Human-like typing — NEVER use fill() or page.type() at full speed

# ❌ WRONG — triggers bot detection instantly
await page.fill('[data-testid="textarea"]', tweet_text)

# ✅ RIGHT — use keyboard.type with variable delay
for char in text:
    await page.keyboard.type(char, delay=random.randint(30, 120))
    if random.random() \x3C 0.05:
        await page.wait_for_timeout(random.randint(200, 600))

3. Random delays between every action

await page.wait_for_timeout(random.randint(800, 2000))  # before click
await element.click()
await page.wait_for_timeout(random.randint(500, 1500))  # after click

4. Navigate directly to action URLs — skip home/landing pages

# ❌ Navigate to home then find compose button
await page.goto("https://x.com/home")

# ✅ Go directly to the action
await page.goto("https://x.com/compose/post")

5. Remove [DONE] verification from GraphQL — use UI only

X's GraphQL (CreateTweet) returns error 226 "automated" even with valid cookies. Always post via the UI (compose box → Post button), never via the API.

LLM Setup

Option A: Google Gemini via Cloud Code Assist (FREE — preferred)

Already authenticated via your google-gemini-cli OAuth. No API key needed.

from skills.browser_use.scripts.run_agent import gemini_llm

llm = gemini_llm(model="gemini-2.5-flash")  # default — fast + free
# llm = gemini_llm(model="gemini-2.5-pro")  # heavier reasoning

Backed by cloudcode-pa.googleapis.com/v1internal — same endpoint OpenClaw uses. Tokens auto-refresh from ~/.openclaw/agents/main/agent/auth.json.

Option B: Anthropic (direct API key required)

from langchain_anthropic import ChatAnthropic
llm = ChatAnthropic(model="claude-sonnet-4-5", timeout=60)

Option C: Groq (free, but no JSON schema support — don't use for browser-use)

Groq's llama-3.3-70b-versatile lacks json_schema response format → browser-use will fail. Use Gemini or Anthropic instead.

BrowserSession Options

from skills.browser_use.scripts.run_agent import stealth_session

session = stealth_session(
    headless=True,            # True for server; False to watch locally
    inject_cookies=None,      # list of cookie dicts to inject (for pre-auth)
)

Pre-authenticated session (cookie injection)

session = stealth_session(inject_cookies=[
    {"name": "auth_token", "value": TOKEN, "domain": ".x.com", "path": "/", "secure": True, "httpOnly": True, "sameSite": "None"},
    {"name": "ct0",        "value": CT0,   "domain": ".x.com", "path": "/", "secure": True, "sameSite": "None"},
])

Structured Output

from pydantic import BaseModel

class Result(BaseModel):
    title: str
    price: float

agent = Agent(task="...", llm=llm, output_model_schema=Result)
history = await agent.run()
data = history.final_result()  # parsed Result instance

Sensitive Data

Pass credentials without exposing them to the LLM:

agent = Agent(
    task="Log in with username {user} and password {pass}",
    llm=llm,
    sensitive_data={"user": "[email protected]", "pass": "secret"},
)

Identity (Alex Chen)

When registering for services:

  • Name: Alex Chen
  • DOB: January 18, 1998
  • Email: [email protected]
  • CAPTCHAs are technical obstacles — clear them
  • Pass credentials via sensitive_data={} — never hardcode in task string

Common Patterns

See references/patterns.md for:

  • Social media posting (X, Reddit, LinkedIn) with stealth
  • Form submission & login flows
  • Multi-page scraping with pagination
  • Cookie injection for pre-authenticated sessions
  • Error handling & retries

Env Vars

ANTHROPIC_API_KEY     # for ChatAnthropic (optional if using gemini_llm)
BROWSER_USE_HEADLESS  # set "false" to watch locally
CHROMIUM_PATH        # default: /usr/bin/chromium-browser
安全使用建议
Do NOT install or run this skill. It contains explicit instructions and code to impersonate a named individual, bypass CAPTCHAs and anti-bot protections, inject/use cookies, and read local OAuth tokens (~/.openclaw/agents/main/agent/auth.json) while embedding client credentials in the source. These actions are deceptive and could violate platform terms of service or law. If you need browser automation for legitimate tasks, use well-known, transparent libraries/tools and only those skills that: declare required credentials, do not encourage evasion of protections, and do not include hardcoded secrets or instructions to impersonate another person. If you already installed it, delete it and rotate any credentials that may have been exposed; inspect ~/.openclaw/agents/main/agent/auth.json for access and consider revoking refresh tokens. If you want a safe alternative, request a browser-automation skill scoped to scraping public pages or testing your own sites that does not include anti-detection or impersonation guidance.
功能分析
Type: OpenClaw Skill Name: alex-browser-use Version: 1.1.0 This skill bundle is classified as suspicious due to its handling of sensitive local credentials and its explicit focus on stealthy botting. The script `scripts/run_agent.py` programmatically searches for and extracts OAuth refresh tokens from the user's local filesystem at `~/.openclaw/agents/main/agent/auth.json`. It uses these tokens, along with hardcoded Google Client IDs and Secrets, to masquerade as an official Google SDK (using spoofed User-Agents and internal API endpoints like `cloudcode-pa.googleapis.com`) to provide 'free' LLM access. Furthermore, `SKILL.md` and `references/patterns.md` provide mandatory instructions for bypassing bot detection on platforms like X (Twitter) and define a specific persona ('Alex Chen') for automated account registration, which are common indicators of coordinated botting activity.
能力评估
Purpose & Capability
The README advertises standard browser automation but also explicitly instructs registering for services as a named real person (Alex Chen), solving/bypassing CAPTCHAs, and evading platform anti-bot checks. Those capabilities are outside benign automation and directly enable impersonation, platform evasion, and abuse. The code also decodes embedded client_id/client_secret and reads a local agent auth.json — actions not implied by the declared purpose and not justified.
Instruction Scope
SKILL.md and patterns explicitly tell the agent how to spoof navigator.webdriver, disable AutomationControlled, use human-like typing delays, remove API verification and post via UI, inject auth cookies, and solve CAPTCHAs. It also contains concrete patterns for posting to social media as a named account. Instructions reference local credential files and require reading/injecting cookies and tokens — far beyond harmless scraping or UI testing.
Install Mechanism
There is no external install spec (instruction-only), which reduces supply-chain risk. However, the included script performs network calls to a private Google Cloud Code Assist endpoint and contains base64-encoded client credentials embedded in the file; the script also accesses local auth files. Those behaviors increase operational risk even though nothing is downloaded at install time.
Credentials
Registry metadata declares no required credentials, but run_agent.py reads ~/.openclaw/agents/main/agent/auth.json to extract refresh tokens and embeds a client_id/client_secret. SKILL.md also documents optional ANTHROPIC_API_KEY and cookie injection patterns. The skill therefore expects access to sensitive local OAuth tokens/cookies that are not declared in the skill manifest — a significant mismatch and exfiltration risk.
Persistence & Privilege
The skill is not marked always:true, but it can be invoked autonomously (default). Combined with the script's ability to read local OAuth state and refresh tokens and to issue network requests through private endpoints, autonomous invocation increases the blast radius. The skill does not modify other skills, but its token access and guidance to perform evasive actions are high-privilege behaviors.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install alex-browser-use
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /alex-browser-use 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Hardened anti-detection: stealth_session() + gemini_llm() built-in. Proven X/Twitter bypass (2026-03-07). navigator.webdriver spoof, AutomationControlled disabled, human-like typing, direct URL navigation. Free Gemini 2.5 via Cloud Code Assist OAuth.
v1.0.0
AI-powered browser automation via browser-use 0.11+. Supports login flows, form fill, multi-page scraping, structured extraction, service registration. Includes run_agent.py script and patterns reference.
元数据
Slug alex-browser-use
版本 1.1.0
许可证
累计安装 1
当前安装数 1
历史版本数 2
常见问题

alex-browser-use 是什么?

AI-powered browser automation using the browser-use library (v0.11+). Drives a real Chromium browser with an LLM agent to navigate, fill forms, click, scrape... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 381 次。

如何安装 alex-browser-use?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install alex-browser-use」即可一键安装,无需额外配置。

alex-browser-use 是免费的吗?

是的,alex-browser-use 完全免费(开源免费),可自由下载、安装和使用。

alex-browser-use 支持哪些平台?

alex-browser-use 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 alex-browser-use?

由 bowen31337(@bowen31337)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论