← 返回 Skills 市场
Browser Search
作者
中国山东肥城林水科技
· GitHub ↗
· v1.0.7
· MIT-0
697
总下载
0
收藏
8
当前安装
8
版本数
在 OpenClaw 中安装
/install browser-search
功能描述
浏览器搜索技能 - 安全的网页搜索工具 使用本地浏览器进行自动化搜索和内容提取 支持 Bing、Google、Baidu、DuckDuckGo 等公开搜索引擎 无需 API 配置,路径输出受限
使用说明 (SKILL.md)
Browser Search 技能
使用本地浏览器进行安全的网页搜索和内容提取。
安全说明
仅用于合法用途,严格遵守以下限制:
- ✅ 仅访问公开搜索引擎:Bing、Google、Baidu、DuckDuckGo
- ✅ 路径输出受限:结果文件只能保存到用户主目录
- ✅ 无危险函数:不使用 eval/exec 等危险函数
- ✅ 严格的超时控制:防止无限等待
- ❌ 禁止访问敏感站点:仅支持公开搜索引擎
- ❌ 禁止爬取私有内容:仅提取搜索结果摘要
核心功能
- 🔍 多搜索引擎支持:Bing、Google、Baidu、DuckDuckGo
- 📄 内容提取:自动提取搜索结果标题和链接
- 💾 结果保存:保存到 JSON/TXT/MD 文件(路径受限)
使用场景
- 查找最新新闻和资讯
- 搜索技术文档和教程
- 市场调研(仅限公开信息)
触发词
- "搜索..."
- "查找..."
- "用浏览器搜索..."
- "帮我找..."
快速开始
# 基本搜索
browser-search "人工智能 2026"
# 指定引擎
browser-search "AI 趋势" --engine bing
# 保存结果
browser-search "Python 教程" --output ~/results.json --max 5
注意事项
- 需要本地 Chromium 浏览器
- 结果可能受地区限制
- 仅用于合法合规用途
- 输出文件路径必须在用户主目录
安全使用建议
This skill appears to do what it says (use a local Chromium via Playwright to grab search result titles/links), but it will write output to any file you point to under your home directory. Before installing or running it: (1) review the browser-search.py code yourself or in a safe environment; (2) never pass a path that could overwrite sensitive files (e.g., ~/.ssh/*, shell profile files, or other secrets); (3) prefer running it in a constrained account or container so the home directory does not contain sensitive data; (4) be aware of TOCTOU/symlink risks — avoid running it where untrusted processes can change files between validation and write; (5) install Playwright and Chromium from official sources and run the tool manually first to confirm behavior. If you need stricter guarantees, request the author add a filename whitelist (e.g., only ~/.local/share/browser-search/*.json), atomic write-to-temp-then-rename behavior, and explicit refusal to overwrite existing files.
功能分析
Type: OpenClaw Skill
Name: browser-search
Version: 1.0.7
The browser-search skill bundle is a legitimate tool for automating web searches via Playwright. The code in browser-search.py implements explicit security controls, such as validating that output files are restricted to the user's home directory and avoiding dangerous functions like eval or exec. No evidence of data exfiltration, malicious persistence, or prompt injection was found across the script or documentation.
能力评估
Purpose & Capability
The name/description (local browser search using Playwright/Chromium) matches the provided code. Minor inconsistency: registry metadata lists no required binaries/env, but SKILL.md and requirements.txt explicitly state Playwright and Chromium are required. This is an implementation/metadata mismatch rather than an outright functional contradiction.
Instruction Scope
The code restricts output paths to the user's home directory, but otherwise will write arbitrary JSON to any path under the home directory (including hidden/sensitive files like ~/.ssh/ or dotfiles) if given that path. The runtime does not enforce filename whitelists or type-checking of destination files and is vulnerable to TOCTOU (validate then write) / symlink risks. The code visits only search engine result pages and does not follow links, and it does not read other system files or environment variables beyond normal runtime — that part is consistent with the stated scope.
Install Mechanism
There is no install spec in the registry (instruction-only), but the package contains requirements.txt and the SKILL.md and code state Playwright + Chromium are required. Because installation is left to the user, this is moderate friction but not unexpected — just ensure Playwright and its browsers are installed from official sources.
Credentials
The skill requests no environment variables or external credentials (appropriate). However, allowing write access to any file under the user's home directory is broader than the 'results-only' claim in the SKILL.md: sensitive files under home could be overwritten. There is no protection against a user or calling process specifying a path that would expose or overwrite secrets.
Persistence & Privilege
always:false and no special persistence or cross-skill configuration changes. The skill does not request elevated or persistent privileges and does not modify other skills' configs.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install browser-search - 安装完成后,直接呼叫该 Skill 的名称或使用
/browser-search触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.7
- Updated metadata in _meta.json; no changes to features or functionality.
- No impact on user experience or usage.
v1.0.6
- Internal metadata updated; no user-facing functionality changes.
- All features and documentation remain unchanged.
- Safe, multi-engine browser search continues as before.
v1.0.5
browser-search v1.0.5
- Added _meta.json file for improved metadata management.
- Updated documentation with stricter safety requirements and clearer guidance.
- Refined function descriptions: streamlined supported features and limitations for clarity.
- Ensured continued restriction on file output location and public search engines only.
v1.0.4
browser-search v1.0.4
- Added FIX_NOTES.md for better tracking of fixes and changes.
- Updated version history and documentation to reflect recent fixes and improvements.
- Minor adjustments to descriptions and file organization.
v1.0.3
Version 1.0.3
- Security further enhanced: reduced use of suspicious patterns and improved safety measures.
- Output paths now restricted to user home directory only.
- Removed potentially dangerous code (e.g., eval/exec), simplified network logic, and improved timeout handling.
- Support limited to public search engines and non-sensitive sites.
- Documentation updated to reflect safer behavior and usage restrictions.
v1.0.2
browser-search 1.0.2
- Maintenance update with no user-facing feature changes.
- Documentation and skill metadata remain unchanged in this release.
v1.0.1
- Fixed a security vulnerability that allowed arbitrary file writes via the --output parameter.
- Output file paths are now restricted to the user's home directory and its subdirectories.
- Output outside the home directory (e.g. system folders) is blocked to prevent misuse.
- Updated documentation to reflect the new security restrictions and safer usage instructions.
- Added a requirements.txt file; removed README.md.
v1.0.0
browser-search v1.0.0
- 初始发布,支持通过本地浏览器自动化多搜索引擎检索与内容提取
- 支持 Bing、Google、Baidu、DuckDuckGo 等多种搜索引擎
- 提供搜索结果自动提取、摘要生成与链接采集
- 支持结果保存、分页浏览和关键词过滤
- 可自定义和设置默认搜索引擎
元数据
常见问题
Browser Search 是什么?
浏览器搜索技能 - 安全的网页搜索工具 使用本地浏览器进行自动化搜索和内容提取 支持 Bing、Google、Baidu、DuckDuckGo 等公开搜索引擎 无需 API 配置,路径输出受限. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 697 次。
如何安装 Browser Search?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install browser-search」即可一键安装,无需额外配置。
Browser Search 是免费的吗?
是的,Browser Search 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Browser Search 支持哪些平台?
Browser Search 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Browser Search?
由 中国山东肥城林水科技(@linshuikeji)开发并维护,当前版本 v1.0.7。
推荐 Skills