← 返回 Skills 市场
150
总下载
0
收藏
0
当前安装
5
版本数
在 OpenClaw 中安装
/install gjsw
功能描述
国家税务总局 12366 纳税服务平台自动登录技能。支持图形验证码 OCR 识别、持久化会话、自动定位表单元素。当用户要求登录税务平台、12366、国家税务总局、国家税务局12366 、12366国家税务局 等登录场景时触发。关键判断:用户提供用户名、密码以及登录页面 URL(或已设置环境变量),希望自动完成登录流程。
使用说明 (SKILL.md)
国家税务总局 12366 自动登录
通过 openclaw_login.py 脚本,使用 Playwright 控制 Google Chrome 浏览器,自动填写账号、密码、识别图形验证码并提交登录。支持会话持久化(复用 Chrome 用户数据目录),下次运行可保持登录状态。
功能
- 自动定位表单元素 - 智能识别用户名框、密码框、验证码图片、验证码输入框和登录按钮
- 图形验证码 OCR - 使用 ddddocr 识别验证码(自动过滤非数字字符)
- 登录重试机制 - 最多重试 5 次,验证码错误会自动刷新重试,账号密码错误则立即停止
- 持久化会话 - 使用独立 Chrome 用户数据目录
./chrome_profile,保存 Cookies 和登录态 - 远程调试端口复用 - 固定使用端口 9222,多次运行可连接同一浏览器实例
- 登录成功检测 - 通过 URL 跳转、页面关键词(个人中心、退出)和认证 Cookie 综合判断
前置要求
1. 安装依赖
pip install playwright ddddocr
playwright install chrome # 安装 Playwright 浏览器内核(脚本实际使用 Chrome)
2. 安装 Google Chrome
- Windows / macOS / Linux 均需安装 Chrome 浏览器,并确保在 PATH 中
- 脚本会自动查找常见安装路径(如 macOS 的 /Applications/Google Chrome.app)
2. 设置环境变量(可选)
export GJSW_LOGIN_URL="https://12366.chinatax.gov.cn/login" # Linux/macOS
# 或 Windows (CMD)
set GJSW_LOGIN_URL=https://12366.chinatax.gov.cn/login
- 如果未设置环境变量,每次运行时必须通过 --url 参数提供登录页 URL。
使用方法
基本命令
python3 {baseDir}/openclaw_login.py \x3C用户名> \x3C密码> [--url \x3C登录页URL>] [--debug] [--window-size WIDTH,HEIGHT]
参数说明
| 参数 | 说明 | 必填 |
|---|---|---|
| 用户名 | 登录账号 | 是 |
| 密码 | 登录密码 | 是 |
| --url | 登录页面的完整 URL(未提供则读取环境变量 GJSW_LOGIN_URL) | 否 |
| --debug | 开启调试模式,打印元素定位和识别过程 | 否 |
| --window-size | 浏览器窗口大小,格式 宽度,高度,默认 1280,800 | 否 |
示例
# 使用命令行 URL
python3 openclaw_login.py myusername mypassword --url "https://12366.chinatax.gov.cn/usercenter/login/page"
# 使用环境变量中的 URL
python3 openclaw_login.py myusername mypassword
# 调试模式 + 大窗口
python3 openclaw_login.py myusername mypassword --debug --window-size 1920,1080
安全使用建议
This skill appears to do what it says (automate login + OCR), but it handles extremely sensitive credentials and persists browser session data. Before installing or running it: 1) Review the full script (complete file) yourself or have a trusted reviewer inspect the remainder of the code for any network calls, hard-coded endpoints, or subprocess/socket usage that could exfiltrate data. The prompt-provided file is truncated; confirm the rest contains no unexpected behavior. 2) Run it in an isolated environment (VM or disposable container) and do not use your real tax credentials until you are confident. 3) Use a fresh ephemeral chrome_profile directory (or set it to a path you control) and avoid reusing your main Chrome profile. 4) Avoid running with the default remote-debugging port 9222 if you have a Chrome instance already exposing CDP — change the port or run a dedicated browser instance to reduce cross-profile exposure. 5) Avoid --debug in production runs (it prints page element text which may include sensitive info). 6) Consider alternative official APIs or manual login if you have any doubt about storing credentials in scripts. If you want, provide the remainder of the script (full file) and I can re-check for network endpoints or covert behavior.
功能分析
Type: OpenClaw Skill
Name: gjsw
Version: 1.0.5
The skill bundle is a legitimate browser automation tool designed to log into the Chinese 12366 tax service platform. It uses Playwright to control a Google Chrome instance and the ddddocr library for captcha recognition. The script (openclaw_login.py) handles credentials locally, implements standard bot-detection bypasses (e.g., disabling AutomationControlled), and maintains session persistence via a local directory. There is no evidence of data exfiltration, malicious command execution, or prompt injection.
能力评估
Purpose & Capability
Name, description, declared binaries (python3, google-chrome), primaryEnv (GJSW_LOGIN_URL), SKILL.md and included script all align: the skill automates web login using Playwright and local OCR (ddddocr). Asking for username, password and a login URL is consistent with its stated purpose.
Instruction Scope
Instructions and the script perform full browser automation: locating form fields, taking/screenshotting captcha images, running OCR, repeatedly submitting credentials, and persisting a Chrome user-data directory. These actions are expected for login automation but create high-sensitivity scope (handling user credentials and cookies). The script also prints debug information (element texts) when --debug is used which could leak sensitive page content into logs. The code imports subprocess and socket (present in the visible portion) which could be used for side operations; the provided file content in the prompt is truncated so a full review of the remaining code is needed to rule out unexpected network calls or external endpoints.
Install Mechanism
No automated install spec is included (instruction-only install steps are in SKILL.md: pip install playwright ddddocr and playwright install chrome). That is lower-risk than arbitrary downloads, but users must run these commands themselves. Playwright and ddddocr are reasonable dependencies for browser automation and local OCR.
Credentials
The skill declares only a primaryEnv (GJSW_LOGIN_URL) and otherwise expects username/password as command-line args. It does not declare unrelated cloud credentials. However, because it handles highly sensitive credentials (tax account username/password) and persistent session files (./chrome_profile), users should be aware of secure storage and local filesystem exposure.
Persistence & Privilege
The script intentionally persists a Chrome user-data directory at ./chrome_profile and uses a fixed remote debugging port (9222). Persisting a profile is expected for session reuse, but the fixed CDP/debug port is risky: if the script connects to an existing Chrome instance or if other tools can access the same debugging port, it could expose other tabs, cookies, or credentials. The skill is not always-enabled and does not modify other skills, but the persistence and CDP usage raise privilege/exposure concerns.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install gjsw - 安装完成后,直接呼叫该 Skill 的名称或使用
/gjsw触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.5
Version 1.0.5
- 更新描述,明确支持多种登录场景及参数输入方式,完善自动化流程说明
- 增加功能说明:自动定位登录页表单元素、验证码 OCR、登录重试、会话持久化等
- 明确命令行参数及环境变量配置方法
- 优化前置要求与依赖安装指引
- 移除未实际启用的 metadata 字段及交互配置,精简结构
v1.0.4
- 新增了对环境变量 GJSW_LOGIN_URL 的必填支持,需提供登录页面的完整 URL
- metadata 增加 primaryEnv 字段,强调主环境变量配置
- 增加登录页面 URL 的交互式输入提示
- 文档补充了环境变量配置说明
v1.0.3
Initial release of the gjsw skill:
- Enables automatic login to the 国家税务总局 12366 纳税服务平台.
- Prompts users interactively for username and password.
- Opens Chrome browser, recognizes CAPTCHA via OCR, and logs in automatically.
- Stores session in ./chrome_profile for persistent login.
- Requires Python 3.8+, google-chrome, and the playwright, ddddocr Python packages.
v1.0.2
- Now uses interactive prompts to collect username and password instead of relying on environment variables.
- Environment variable requirements removed; credential input requested at runtime.
- Marked as an interactive skill to support user prompts.
- Updated skill triggers and usage instructions to reflect interactive login process.
v1.0.0
- Initial release of the gjsw skill.
- Enables automatic login to the 国家税务总局 12366 纳税服务平台 using a script in Chrome.
- Utilizes Playwright and ddddocr for handling graphical CAPTCHAs.
- Preserves the login session for future use by saving data locally.
- Requires Python 3, Google Chrome (or Chromium), and environment variables for credentials.
元数据
常见问题
gjsw 是什么?
国家税务总局 12366 纳税服务平台自动登录技能。支持图形验证码 OCR 识别、持久化会话、自动定位表单元素。当用户要求登录税务平台、12366、国家税务总局、国家税务局12366 、12366国家税务局 等登录场景时触发。关键判断:用户提供用户名、密码以及登录页面 URL(或已设置环境变量),希望自动完成登录流程。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 150 次。
如何安装 gjsw?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install gjsw」即可一键安装,无需额外配置。
gjsw 是免费的吗?
是的,gjsw 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
gjsw 支持哪些平台?
gjsw 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 gjsw?
由 Edwn(@edwn)开发并维护,当前版本 v1.0.5。
推荐 Skills