← 返回 Skills 市场
faisalive

Enable AI Agent to retrive data from websites that need user signin

作者 Faisal Akbar · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
963
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install browser-ability
功能描述
This skill enables an AI Agent to signin and retrieve data from websites via JS script.
使用说明 (SKILL.md)

Browser Ability Skill

This skill enables an AI Agent to signin and retrieve data from websites via JS script (limited tools, if there's no tools for what user want, just direcly use browser via CDP connection), including sources that require manual user authentication. When authentication is required, the script provides a sign-in URL and a signin_id. The agent must hand off the sign-in process to the user, wait for confirmation, and then resume the data request using the provided signin_id. The skill enforces secure access through API key authentication and supports human-in-the-loop workflows for sensitive or protected data sources.

Setup

# Navigate to skill directory
cd skills/browser-ability

# Install dependencies
npm install

# Set CDP URL
# This CDP URL are the same with your browser CDP URL
export CDP_URL="http://[ipv6]:port"

Available Method

List Available Tools

npm run list

Call a Tool

npm run call -- TOOL_NAME --args='{"foo":"bar"}'

Call a Tool After Sign-In

npm run call -- TOOL_NAME --args='{"foo":"bar"}' --signinId=YOUR_SIGNIN_ID

Manual Sign-In Flow

Some Tool calls require the user to manually sign in to a website (e.g. e-commerce, banking, or account-based platforms).

The agent must not automate browser-based sign-in.

Step-by-Step Workflow

1. Initial API Call

The agent calls the target tool normally.

Example:

npm run call -- amazon_get_purchase_history

2. Sign-In Required Response

If sign-in is required, the script responds with a sign-in URL and a signin_id.

Example Response:

{
  "content": [
    {
      "type": "text",
      "text": "{\"url\":\"https://signinurl\",\"message\":\"Continue to sign in in your browser at https://signinurl.\",\"signin_id\":\"YOUR_SIGNIN_ID\",\"system_message\":\"Try open the url https://signinurl in a browser with a tool if available.Give the url to the user so the user can open it manually in their browser.Then call check_signin tool with the signin_id to check if the sign in process is completed. Once it is completed successfully, then call this tool again to proceed with the action.\"}"
    }
  ],
  "structuredContent": {
    "url": "https://signinurl",
    "message": "Continue to sign in in your browser at https://signinurl.",
    "signin_id": "YOUR_SIGNIN_ID",
    "system_message": "Try open the url https://signinurl in a browser with a tool if available.Give the url to the user so the user can open it manually in their browser.Then call check_signin tool with the signin_id to check if the sign in process is completed. Once it is completed successfully, then call this tool again to proceed with the action."
  },
  "isError": false
}

3. Agent Action (When Sign-In Is Required)

When a response contains url and signin_id, the agent must:

  1. Inform the user that manual sign-in is required
  2. Provide the sign-in URL to the user
  3. Pause the automated process
  4. Wait for the user to confirm sign-in completion

4. User Action

The user:

  • Opens the provided URL in their browser
  • Completes the sign-in process manually
  • Notifies the agent once sign-in is complete

5. Resume Tool Call

After user confirmation, the agent re-calls the same Tool, passing the signin_id as a query parameter.

Example:

npm run call -- amazon_get_purchase_history --signinId=YOUR_SIGNIN_ID

6. Final Result

If authentication is successful, the script returns the requested data (e.g. purchase history).

Agent Behavior Constraints

  • Do not open sign-in URLs automatically
  • Do not attempt to automate website login
  • Always wait for explicit user confirmation before continuing
  • Reuse the same tool endpoint after sign-in
  • If there's no tool available, just directly open browser and browse yourself via CDP

Example Use Case

Goal: Retrieve Amazon purchase history

  1. Call amazon_get_purchase_history
  2. Receive sign-in URL and signin_id
  3. Ask the user to open the URL and sign in
  4. Wait for confirmation
  5. Re-call the API with signinId
  6. Receive purchase history data

Goal: Open Amazon Change Password Page

  1. Try open browser via CDP, open amazon change password page
  2. Cannot open that page because require sign in
  3. Call amazon_signin
  4. Receive sign-in URL and signin_id
  5. Ask the user to open the URL and sign in
  6. Wait for confirmation
  7. Try open browser via CDP again
  8. Success open change password page

Summary

This skill enables secure website signin by:

  • Delegating sensitive authentication steps to the user
  • Resuming automated workflows after authentication
  • Enforcing consistent security practices
安全使用建议
Do not install or run this skill unless you fully trust the remote MCP server and the skill author. Specific things to check or change before using it: (1) The registry metadata should declare required env vars (SERVER_URL, CDP_URL, optional SIGNIN_ID) and explain how SERVER_URL is authenticated/verified. (2) Understand that providing CDP_URL exposes a browser debug endpoint — an MCP server that receives it can control or read your browser session (cookies, pages, forms). Never provide CDP_URL for your normal browser; only use a sandboxed or disposable browser in a VM or isolated container and ensure the MCP server is trusted and uses TLS and auth. (3) Ask the author how API key authentication is implemented (SKILL.md claims API-key auth but the code doesn't set one). (4) Prefer the author remove automatic forwarding of CDP_URL to remote servers or require an explicit, documented trust/consent step. (5) If you must test, run the skill in an isolated environment (guest VM or ephemeral container) and do not use real accounts or browsers that contain sensitive cookies/credentials.
功能分析
Type: OpenClaw Skill Name: browser-ability Version: 1.0.1 The skill is classified as suspicious due to its high-privilege browser control capabilities via Chrome DevTools Protocol (CDP) and a significant prompt injection risk in `SKILL.md`. The instruction "If there's no tool available, just directly open browser and browse yourself via CDP" could be exploited by a prompt-injected AI agent to perform unintended browsing actions, potentially accessing sensitive data or internal resources, despite other constraints in the documentation. Furthermore, the `script.js` sends the user's `CDP_URL` to an external `SERVER_URL` (MCP server), introducing a critical trust dependency where a compromised or malicious MCP server could gain full control over the user's browser session.
能力评估
Purpose & Capability
The description says the skill enables sign-in and data retrieval via JS and CDP, which aligns with the code that uses a Model Context Protocol (MCP) client and a browser CDP URL. However the registry metadata lists no required environment variables or credentials while the code enforces two required env vars (CDP_URL and SERVER_URL). That metadata omission is an incoherence: a legitimate skill should declare SERVER_URL and CDP_URL as required if they are mandatory.
Instruction Scope
SKILL.md instructs the agent to hand sign-in to the user (no automated login) and to use a CDP connection when needed. But the instructions never mention SERVER_URL even though the runtime requires it, and they do not warn that the CDP_URL (a local browser debug endpoint) will be sent to the MCP server. The script sends x-cdp-url to the MCP transport headers — this is a scope creep / data-leak risk because it exposes a local debugging endpoint to a remote server.
Install Mechanism
This is an instruction + code skill that installs dependencies via npm (package.json points to @modelcontextprotocol/sdk and dotenv). There are no arbitrary downloads or scripts from untrusted URLs; dependencies are from the public npm registry which is normal but still carries typical npm package supply-chain risks.
Credentials
The skill's declared requirements say none, but the code requires CDP_URL and SERVER_URL environment variables (and optionally SIGNIN_ID). CDP_URL is highly sensitive (it exposes a remote API to control/read a browser). The skill also claims 'API key authentication' in SKILL.md but there is no declared or implemented API key env var or auth header in the script. Requiring and transmitting a local CDP URL to an external SERVER_URL is disproportionate to what the metadata indicates and risky.
Persistence & Privilege
always:false (good) but the skill connects to an external MCP server (SERVER_URL) and will include the CDP_URL header when connecting. If invoked (autonomously or by the user), that remote MCP endpoint could request actions routed to your browser CDP. The skill therefore grants a remote endpoint potential control or read access to the user's browser if the user supplies CDP_URL — this is a high-privilege capability and should be treated cautiously.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install browser-ability
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /browser-ability 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
browser-ability 1.0.1 - Updated skill description to clarify sign-in and data retrieval capabilities for websites via JS script. - No functional changes or file modifications in this release. - Documentation now briefly emphasizes signin and retrieval with JS script in the description.
v1.0.0
Initial release of browser-ability skill. - Enables data retrieval from websites using JS scripts or direct browser automation via CDP. - Supports manual user authentication for protected sources; provides sign-in URLs and signin_id for human-in-the-loop workflow. - Enforces secure access via API key authentication. - Details step-by-step manual sign-in process and agent responsibility for safe data access. - Allows direct browser control if no specific tool is available.
元数据
Slug browser-ability
版本 1.0.1
许可证
累计安装 2
当前安装数 0
历史版本数 2
常见问题

Enable AI Agent to retrive data from websites that need user signin 是什么?

This skill enables an AI Agent to signin and retrieve data from websites via JS script. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 963 次。

如何安装 Enable AI Agent to retrive data from websites that need user signin?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install browser-ability」即可一键安装,无需额外配置。

Enable AI Agent to retrive data from websites that need user signin 是免费的吗?

是的,Enable AI Agent to retrive data from websites that need user signin 完全免费(开源免费),可自由下载、安装和使用。

Enable AI Agent to retrive data from websites that need user signin 支持哪些平台?

Enable AI Agent to retrive data from websites that need user signin 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Enable AI Agent to retrive data from websites that need user signin?

由 Faisal Akbar(@faisalive)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论