功能描述

Automate ChatGPT Web conversations through a local browser session with persistent login state, one-shot prompts, reusable multi-turn sessions, and conversat...

使用说明 (SKILL.md)

ChatGPT Web Skill

Name: ChatGPT Web Skill
Author: placidusaxalarak

Use this skill to drive the ChatGPT Web UI through a local browser profile.

Core Purpose

Reuse ChatGPT login state stored inside the skill directory
Start a fresh conversation or reopen an existing one
Ask one-off questions through a normal browser page
Keep a long-lived browser session for multi-turn dialogue

Always Use `python3 scripts/run.py`

Always run commands through the wrapper:

python3 scripts/run.py auth_manager.py status
python3 scripts/run.py auth_manager.py validate
python3 scripts/run.py auth_manager.py setup
python3 scripts/run.py ask_chatgpt.py --question "你好"
python3 scripts/run.py session_manager.py create

The wrapper ensures the local .venv exists, installs dependencies, and runs the target script with the correct interpreter.

Authentication Flow

Check local state:

python3 scripts/run.py auth_manager.py status

Validate the real browser state:

python3 scripts/run.py auth_manager.py validate

If needed, complete login manually in a visible browser:

python3 scripts/run.py auth_manager.py setup

To clear local auth/profile data:

python3 scripts/run.py auth_manager.py logout

Basic Chat Flow

One-shot question:

python3 scripts/run.py ask_chatgpt.py --question "你好"

Debug in visible browser:

python3 scripts/run.py ask_chatgpt.py --question "总结这段文本" --show-browser

Continue a known conversation id:

python3 scripts/run.py ask_chatgpt.py --conversation-id \x3Cconversation_id> --question "继续"

Ask with an explicit model workflow and save a proof screenshot:

python3 scripts/run.py ask_chatgpt.py \
  --new-chat \
  --model "GPT 5.4 Thinking" \
  --extended-thinking \
  --proof-screenshot \
  --question "请你推荐最近一个月，RLVR领域的论文"

Persistent Session Flow

Create a reusable session:

python3 scripts/run.py session_manager.py create
python3 scripts/run.py session_manager.py create --conversation-id \x3Cconversation_id>

Ask follow-up questions in the same tab:

python3 scripts/run.py session_manager.py ask --session-id \x3Csession_id> --question "继续问"

You can also switch model, force a fresh chat, enable Extended thinking, and save a proof screenshot in the same call:

python3 scripts/run.py session_manager.py ask --session-id \x3Csession_id> --new-chat --model "GPT 5.4 Thinking" --extended-thinking --proof-screenshot --question "请你推荐最近一个月，RLVR领域的论文"

Inspect or maintain sessions:

python3 scripts/run.py session_manager.py list
python3 scripts/run.py session_manager.py info --session-id \x3Csession_id>
python3 scripts/run.py session_manager.py reset --session-id \x3Csession_id>
python3 scripts/run.py session_manager.py close --session-id \x3Csession_id>
python3 scripts/run.py session_manager.py gc

Data Storage

All data stays inside the skill directory:

data/auth_info.json — auth metadata and last validation status
data/browser_state/ — cookies, storage state, persistent browser profile
data/conversations.json — discovered/opened conversation metadata
data/sessions.json — persistent session metadata
data/session_runtime/ — daemon socket, pid, and runtime artifacts
data/screenshots/ — debug screenshots captured on failures

Error Model

The scripts return explicit machine-readable errors for cases such as:

not logged in
redirected to login
account chooser encountered
CAPTCHA / 2FA / human verification required
page load failed
prompt input missing
send path unavailable
reply timeout
empty reply
page structure changed
session not found
invalid conversation id
session daemon unavailable
browser profile in use
network or proxy failure

Best Practices

Validate auth before deeper automation
Use --show-browser when the UI changes
Prefer persistent sessions for multi-turn workflows
Keep proxy env vars explicit on Linux when network behavior is unstable
Inspect data/screenshots/ and JSON error payloads before patching selectors

Limitations

ChatGPT Web selectors can change without notice
A blank new chat may still not expose a stable server conversation id until the first message is sent; the skill also probes frontend state, storage, and resource history, and may fall back to a client thread id such as WEB:... when ChatGPT keeps the URL at /
Some login or risk-review flows require manual intervention
Conversation deletion is intentionally left unimplemented until the web flow is stable enough

安全使用建议

This package appears to do exactly what it says: drive the ChatGPT web UI through a local browser session. Before installing, consider the following: - The skill will create a local .venv and install dependencies from PyPI (patchright, python-dotenv). Treat these installs as you would any third‑party package install. - It will persist your ChatGPT login state (cookies, local storage, a browser profile) under the skill's data/ directory. Anyone with access to those files could reuse your session, so protect/backup/encrypt or remove them if you stop using the skill. - The skill reads standard proxy and display env vars; set these explicitly if you run it in CI or a multi-user system. - It can spawn a long‑lived session daemon and create sockets/pid files under data/session_runtime/. If you need to audit or limit long-running processes, review session_manager and cleanup_manager behavior before enabling persistent sessions. - If you do not trust this code or the package owner, prefer the official API or run the scripts in an isolated environment (container or dedicated VM) and review the full code. If you want additional assurance, request a full diff of the truncated files (the package contains some truncated content in the provided manifest) so they can be reviewed as well.

功能分析

Type: OpenClaw Skill Name: chatgpt-skill Version: 0.1.0 The chatgpt-skill bundle is a well-structured tool designed to automate ChatGPT Web interactions using browser automation. It utilizes 'patchright' (a stealth-focused fork of Playwright) to manage sessions, handle authentication state locally, and extract conversation metadata. The code follows a clear logic for managing a local virtual environment, handling persistent browser profiles, and implementing a session daemon via Unix sockets. There is no evidence of data exfiltration, malicious execution, or harmful prompt injection; all high-risk capabilities (such as reading browser storage or using proxies) are directly aligned with the stated purpose of automating a web-based chat interface.

能力评估

✓ Purpose & Capability

Name/description claim to drive ChatGPT Web via a local browser and the repo contains Playwright-based automation, auth management, session management, and local data storage under the skill directory. No unrelated cloud credentials, exotic binaries, or surprising host-level access are requested — capabilities align with purpose.

ℹ Instruction Scope

SKILL.md directs the agent to run the provided wrapper (python3 scripts/run.py) which creates a skill-local virtualenv and executes the scripts. Runtime instructions and scripts operate on local skill data (data/, browser_state/, screenshots/) and the ChatGPT Web UI only. Note: the skill will read proxy-related environment variables and can capture page content/screenshots and persist cookies/storage state; these behaviors are expected for a web-automation skill but are sensitive and should be acknowledged.

ℹ Install Mechanism

There is no external install spec in the registry; the wrapper will create a local .venv and install packages from requirements.txt (patchright and python-dotenv) — installation from PyPI is standard but carries the usual supply-chain risk of third-party packages. No arbitrary remote archive downloads or obscure URLs were seen.

ℹ Credentials

The skill does not declare required credentials or config paths and does not ask for unrelated secrets. It will, however, read proxy-related env vars (HTTPS_PROXY, HTTP_PROXY, CHATGPT_PROXY_URL, NO_PROXY, DISPLAY, etc.) which are reasonable for a browser automation tool. Important: the skill persists ChatGPT auth cookies/storage under the skill's data directory, so that local state contains sensitive account authentication data.

ℹ Persistence & Privilege

The skill does not request always:true and does not modify other skills. It creates runtime artifacts (session runtime directory, daemon socket/pid, screenshots, stored browser profile/state) and can run a session daemon for persistent sessions — this is coherent with its purpose but introduces a persistent local surface (background process, sockets, files) that you should monitor and secure.

版本历史

v0.1.0

Initial community release

元数据

Slug chatgpt-skill

版本 0.1.0

许可证 —

累计安装 1

当前安装数 1

历史版本数 1

常见问题