← 返回 Skills 市场
osipov-anton

Browser Vps Setup Skill

作者 osipov-anton · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
589
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install browser-vps-setup-skill
功能描述
Set up a remote-controlled Chrome browser on a Linux VPS with noVNC visual access (via SSH tunnel) and optional authenticated HTTP proxy. Use when the user w...
使用说明 (SKILL.md)

Browser on VPS — Setup

Set up Chrome on a Linux VPS so:

  • The agent can control it (open pages, click, fill forms, take screenshots) via OpenClaw browser tool
  • The user can watch and interact via noVNC in their local browser (over SSH tunnel)
  • Optionally: all traffic routes through an authenticated HTTP proxy (for anti-captcha)

Step 1: Install dependencies

apt-get install -y xvfb x11vnc novnc

# Install real Google Chrome (NOT snap — snap breaks automation)
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb -O /tmp/chrome.deb
apt-get install -y /tmp/chrome.deb || apt --fix-broken install -y

Step 2: Start the browser stack

# Clean stale locks
rm -f /tmp/.X99-lock ~/.openclaw/browser/openclaw/user-data/SingletonLock 2>/dev/null

# Virtual display
Xvfb :99 -screen 0 1280x800x24 &
sleep 2

# VNC server (localhost only, no password)
x11vnc -display :99 -forever -nopw -localhost -quiet &
sleep 1

# noVNC web UI on port 6080 (localhost only)
websockify --web /usr/share/novnc 6080 localhost:5900 &
sleep 1

# Chrome with CDP on port 18800
DISPLAY=:99 google-chrome-stable --no-sandbox --disable-gpu \
  --remote-debugging-port=18800 \
  --user-data-dir=~/.openclaw/browser/openclaw/user-data \
  --window-size=1280,800 &

Step 3: Connect visually from your laptop

ssh -L 6080:localhost:6080 root@YOUR_VPS_IP

Then open http://localhost:6080/vnc.html → click Connect.

You'll see the Chrome window live. You and the agent control it simultaneously.

Step 4: Configure OpenClaw

In ~/.openclaw/openclaw.json add:

{
  "browser": {
    "enabled": true,
    "executablePath": "/usr/bin/google-chrome-stable",
    "attachOnly": true,
    "headless": false,
    "noSandbox": true
  }
}

Then restart: openclaw gateway restart

The agent can now use the browser tool to navigate, click, type, screenshot, etc.

Step 5 (Optional): Authenticated HTTP proxy

If you need a proxy (e.g. mobile proxy for anti-captcha), Chrome can't pass username/password in --proxy-server. Solution: run a local Python bridge that forwards with auth injected automatically.

python3 -c "
import socket, threading, base64, select

UPSTREAM_HOST = 'PROXY_IP'      # e.g. 87.236.22.82
UPSTREAM_PORT = PROXY_PORT       # e.g. 19423
USERNAME = 'PROXY_USER'
PASSWORD = 'PROXY_PASS'
LOCAL_PORT = 18801

auth = base64.b64encode(f'{USERNAME}:{PASSWORD}'.encode()).decode()

def handle(client):
    try:
        data = b''
        while b'\r\
\r\
' not in data:
            data += client.recv(4096)
        upstream = socket.create_connection((UPSTREAM_HOST, UPSTREAM_PORT))
        if b'Proxy-Authorization' not in data:
            data = data.replace(b'\r\
\r\
', f'\r\
Proxy-Authorization: Basic {auth}\r\
\r\
'.encode(), 1)
        upstream.sendall(data)
        while True:
            r, _, _ = select.select([client, upstream], [], [], 30)
            if not r: break
            for s in r:
                d = s.recv(65536)
                if not d: return
                (upstream if s is client else client).sendall(d)
    except: pass
    finally:
        try: client.close()
        except: pass
        try: upstream.close()
        except: pass

srv = socket.socket()
srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
srv.bind(('127.0.0.1', LOCAL_PORT))
srv.listen(50)
print('Local proxy on 127.0.0.1:18801')
while True:
    c, _ = srv.accept()
    threading.Thread(target=handle, args=(c,), daemon=True).start()
" &

Then restart Chrome with proxy:

pkill -9 chrome
rm -f ~/.openclaw/browser/openclaw/user-data/SingletonLock
DISPLAY=:99 google-chrome-stable --no-sandbox --disable-gpu \
  --remote-debugging-port=18800 \
  --user-data-dir=~/.openclaw/browser/openclaw/user-data \
  --window-size=1280,800 \
  --proxy-server="http://127.0.0.1:18801" &

Verify: ask the agent to open https://api.ipify.org — it should show the proxy IP, not the VPS IP.

Firewall (recommended)

ufw default deny incoming
ufw default allow outgoing
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw --force enable

noVNC (6080), VNC (5900), and CDP (18800) are all localhost-only — never exposed publicly.

After reboot

All processes (Xvfb, x11vnc, websockify, Chrome) must be restarted. Ask the agent:

"Start the browser stack on the VPS"

The agent should run Step 2 commands from this skill.

安全使用建议
This skill appears to do what it says (set up a controllable Chrome on a VPS), but it uses several risky operational choices you should review before installing: 1) Chrome is launched with --no-sandbox (dangerous when browsing untrusted sites); avoid this if you can or run Chrome as an unprivileged user or inside a dedicated container/VM. 2) x11vnc is started with -nopw (no password) — the author limits exposure by binding to localhost, but ensure ports are not publicly reachable and only use SSH tunnels from trusted machines. 3) The optional proxy bridge requires embedding proxy credentials into a running Python one-liner: don’t paste secrets into a shell history or shared commands; prefer storing credentials in a file with strict permissions or using a vetted proxy client that supports authenticated upstreams. 4) Running services as root and installing .debs from the network is expected here but increases risk; verify downloads, prefer package-managed installs if available, and isolate this workload from other systems. 5) After setup, an agent and any user with access to the gateway/browser can control the browser (navigate pages, run JS, download). Limit the agent’s permissions and avoid visiting sensitive internal services with the provisioned browser. If you plan to proceed, consider: running the stack under a dedicated user or container, enabling proper authentication for VNC/noVNC, handling proxy credentials securely (not inline), and keeping the Chrome sandbox if possible.
功能分析
Type: OpenClaw Skill Name: browser-vps-setup-skill Version: 1.0.0 The skill is classified as suspicious primarily due to the use of the `--no-sandbox` flag when launching Google Chrome, which significantly weakens the browser's security posture and makes it vulnerable to exploits. Additionally, the `x11vnc` server is configured without a password, although it is bound to localhost and intended for access via an SSH tunnel. While these configurations are common in automated browser setups, they represent significant security vulnerabilities rather than malicious intent. There is no evidence of data exfiltration, persistence mechanisms, or malicious prompt injection against the agent.
能力评估
Purpose & Capability
The name/description (remote-controlled Chrome + noVNC + optional proxy) match the SKILL.md steps: installing Xvfb/x11vnc/noVNC, launching Chrome with remote debugging, and exposing noVNC bound to localhost for SSH tunneling. Required privileges (sudo/root) and apt (Debian/Ubuntu) are declared in the header and needed for the described operations.
Instruction Scope
Instructions stay within the stated purpose (install VM display, VNC, noVNC, launch Chrome, configure openclaw.json, optional proxy bridge). However some runtime commands expand the attack surface: launching x11vnc with -nopw (no password) even though bound to localhost, running websockify and services as background processes, and recommending Chrome with --no-sandbox. The optional Python proxy injects Proxy-Authorization into requests and runs a long-lived socket server — that component handles sensitive credentials and network traffic and is outside typical simple setup steps.
Install Mechanism
This is instruction-only (no install spec), which minimizes hidden installs. The SKILL.md downloads Google Chrome directly from dl.google.com (official). Still, the instructions write and execute packages on the VPS (apt/apt-get, wget + .deb), so the user is ultimately executing remote-sourced code — expected for this task, but it merits normal caution (verify package source/signature).
Credentials
The skill requests no environment variables or external credentials in the registry metadata, but the optional proxy step requires upstream host/port/username/password to be embedded into a one-liner Python server. That is sensitive and the SKILL.md does not advise secure secret handling (e.g., use environment variables, config files with restricted permissions, or a vetted PAC/proxy client). Also running Chrome with --no-sandbox increases risk of privilege escalation in case web content is malicious.
Persistence & Privilege
always:false and default autonomous invocation are appropriate. The skill requires root/sudo and asks to edit ~/.openclaw/openclaw.json — both are expected for configuring the agent. Still, the combination of running Chrome with --no-sandbox and backgrounding VNC/websockify services increases long-lived attack surface; consider running under a dedicated, limited user or container and ensure services remain bound to localhost and protected by firewall/SSH tunnel.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install browser-vps-setup-skill
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /browser-vps-setup-skill 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Easily set up a remotely controllable Chrome browser on a Linux VPS with noVNC visual access and optional authenticated proxy. - Provides detailed steps to install, run, and access Chrome via noVNC on Ubuntu/Debian VPS. - Enables simultaneous control by both agent (automation) and user (visual/interactive via browser). - Includes config for integration with OpenClaw agents. - Offers an optional local Python proxy bridge for authenticated HTTP proxies. - Security note: visual access and control ports are localhost-only; includes recommended firewall settings.
元数据
Slug browser-vps-setup-skill
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Browser Vps Setup Skill 是什么?

Set up a remote-controlled Chrome browser on a Linux VPS with noVNC visual access (via SSH tunnel) and optional authenticated HTTP proxy. Use when the user w... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 589 次。

如何安装 Browser Vps Setup Skill?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install browser-vps-setup-skill」即可一键安装,无需额外配置。

Browser Vps Setup Skill 是免费的吗?

是的,Browser Vps Setup Skill 完全免费(开源免费),可自由下载、安装和使用。

Browser Vps Setup Skill 支持哪些平台?

Browser Vps Setup Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Browser Vps Setup Skill?

由 osipov-anton(@osipov-anton)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论