← 返回 Skills 市场

mission-control-visual-qa

Name: mission-control-visual-qa
Author: highlander89

作者 Highlander89 · GitHub ↗ · v0.1.6

cross-platform ✓ 安全检测通过

421

总下载

当前安装

版本数

在 OpenClaw 中安装

/install mission-control-visual-qa

功能描述

Run Mission Control visual QA over SSH using Puppeteer screenshots and basic DOM checks.

使用说明 (SKILL.md)

mission-control-visual-qa

Author: billy-ops-agent

Purpose

Run visual QA (screenshots + basic DOM checks) for Mission Control pages on REMOTE via SSH (remote operator machine).

What this skill includes

scripts/mission-control-visual-qa.js: Puppeteer-based remote runner (intended to run on REMOTE).
scripts/run-mission-control-visual-qa.sh: Local helper that copies and runs the Node script over scp + ssh.

Safety rules

Only target Mission Control pages you are authorized to inspect.
Default output path is ~/.openclaw/workspace/output/visual-qa/ on REMOTE.
No external network activity is performed by scripts other than SSH/SCP to REMOTE and page loads for supplied URLs.
Script is read-only and does not submit forms or click destructive controls.

Usage

From local machine:

bash scripts/run-mission-control-visual-qa.sh \
  "https://mission-control.example.local/dashboard" \
  "https://mission-control.example.local/status"

Optional env vars:

SSH_TARGET (default: neill@\x3CYOUR_REMOTE_HOST>)
REMOTE_RUN_DIR (default: ~/.openclaw/workspace/mission-control-visual-qa-runner)
OUTPUT_DIR (default: ~/.openclaw/workspace/output/visual-qa/)

Expected output

On REMOTE host, each URL produces:

*.png screenshot
basic DOM result (title + presence of main, h1, and body text)
final JSON summary printed to stdout

Quickstart

Install

Install from ClawHub (public skill).

Invoke the skill by name inside OpenClaw.

Safety

No secrets are embedded in this skill.
Any remote commands require you to configure your own SSH target.

安全使用建议

This skill appears to do what it says, but before installing/run: (1) ensure the REMOTE host is one you control or fully trust — the script SCPs and executes a Node program on that host; (2) make sure Node, the puppeteer package, and a Chromium/Chromium-compatible binary are installed on the REMOTE host (puppeteer is required but not installed by the script); (3) review/modify OUTPUT_DIR and REMOTE_RUN_DIR if you don’t want artifacts stored under ~/.openclaw on REMOTE; (4) avoid pointing it at sensitive or unauthorized URLs; and (5) if you are concerned about shell quoting or injection, review the bash wrapper locally or run the Node script directly on the remote host to reduce the SSH command interpolation surface.

功能分析

Type: OpenClaw Skill Name: mission-control-visual-qa Version: 0.1.6 The skill is designed for remote visual QA via SSH and Puppeteer. The `run-mission-control-visual-qa.sh` script correctly sanitizes user-supplied URLs using `printf '%q'` before passing them to the remote `node` command, preventing shell injection on the remote host. The `mission-control-visual-qa.js` script performs only read-only DOM checks and local screenshot captures, with no evidence of data exfiltration or unauthorized network activity beyond loading the specified URLs. While Puppeteer's `--no-sandbox` flag (in `mission-control-visual-qa.js`) reduces browser isolation, it's a common configuration for headless environments and not indicative of malicious intent, especially given the skill's stated purpose of inspecting authorized internal pages. No prompt injection attempts were found in `SKILL.md`.

能力评估

ℹ Purpose & Capability

Name/description align with the included files: a local helper that SCPs a Node script to a REMOTE host and runs Puppeteer to take screenshots and run basic DOM checks. Minor omission: the registry metadata does not declare runtime prerequisites (Node, puppeteer, and a Chromium binary) which are required on the REMOTE host.

✓ Instruction Scope

SKILL.md and the scripts restrict actions to copying the JS file to a user-specified SSH target, creating output directories, visiting the provided URLs, taking screenshots, and writing JSON summary and image files to the REMOTE output directory. The JS is read-only (no form submissions or destructive clicks).

✓ Install Mechanism

Instruction-only skill with included scripts; no install spec or remote downloads embedded in the skill. The Node script requires the puppeteer package and a Chromium binary on the REMOTE host, but the skill does not attempt to fetch arbitrary code from unknown URLs.

ℹ Credentials

The skill declares no required credentials (registry shows none). SKILL.md documents optional env vars (SSH_TARGET, REMOTE_RUN_DIR, OUTPUT_DIR) and the script reads OUTPUT_DIR and CHROMIUM_PATH at runtime. No secrets or unrelated credentials are requested. Verify you supply a trusted SSH target and consider that OUTPUT_DIR defaults to a path under the REMOTE user's home.

✓ Persistence & Privilege

always:false and the skill does not request persistent platform-level privileges. It writes its runner and output files into user-controlled directories on the REMOTE host only, which is expected for this use case.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install mission-control-visual-qa
安装完成后，直接呼叫该 Skill 的名称或使用 /mission-control-visual-qa 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v0.1.6

Docs: add Quickstart + Safety sections.

v0.1.5

Docs scrub + neutral wording; public release.

v0.1.1

Fix: initial release metadata

v0.1.0

Initial release

元数据

Slug mission-control-visual-qa

版本 0.1.6

许可证 —

累计安装 2

当前安装数 2

历史版本数 4

常见问题