← 返回 Skills 市场
593
总下载
0
收藏
2
当前安装
12
版本数
在 OpenClaw 中安装
/install neo-browser
功能描述
Browse websites, read web pages, interact with web apps, call website APIs, and automate web tasks. Use Neo when: user asks to check a website, read a web pa...
安全使用建议
The skill appears to do what it says (turn a browser into an AI-callable API) but it will access very sensitive local data: Chrome profiles, cookies, active sessions, and full network captures. Before installing or running it: 1) inspect the npm package source (repository, maintainers, recent releases) to ensure trustworthiness; 2) prefer installing and running in a disposable or sandboxed environment (separate user account, VM, or container) rather than on a machine with important logins; 3) avoid using it while logged into sensitive accounts you don't want accessible; 4) treat exported cookies/captures as credentials — store/delete them securely; 5) run 'neo doctor' and review prompts before allowing it to launch Chrome; and 6) if you need a lower-privilege alternative, use read-only scraping tools that do not reuse your real browser session. Because this evaluation is based solely on the instruction file and registry metadata (the npm package itself was not inspected), confidence is medium — inspect the package source to raise confidence.
功能分析
Type: OpenClaw Skill
Name: neo-browser
Version: 2.1.0
The 'neo-browser' skill (version 2.1.0) provides an interface for the '@4ier/neo' CLI, which grants an AI agent extensive control over the user's browser via CDP. Key high-risk capabilities include exporting full browser cookies (`neo cookies export`), capturing raw network traffic (`neo capture`), and managing Chrome profiles. While these features are functionally aligned with the stated goal of web automation and API discovery, the inclusion of explicit commands to extract session data and execute arbitrary JavaScript (`neo eval`) creates a significant surface for credential theft and session hijacking. No direct evidence of malicious exfiltration was found in the instructions, but the toolset is inherently high-risk.
能力评估
Purpose & Capability
Name/description ask for website browsing, API discovery, and automation; the SKILL.md exclusively documents use of a 'neo' CLI that opens tabs, captures network traffic, reads pages, manipulates cookies, and automates UI — all coherent with the stated purpose. Requiring a 'neo' binary and providing an npm install is proportionate to the skill's functionality.
Instruction Scope
Instructions direct the agent to enumerate Chrome profiles, launch Chrome with a selected profile, capture CDP network traffic, export/import cookies, run JS in page context, and read authenticated APIs via auto-auth from the browser. Those actions are necessary for API discovery/browser automation but involve reading and exporting sensitive local data (cookies, session tokens, profile info). The SKILL.md explicitly encourages persisting login sessions via cookie export/import — a legitimate feature but high-risk if misused.
Install Mechanism
Install spec is an npm package (@4ier/neo) that creates a 'neo' binary. npm installs are a common distribution method but introduce moderate risk because they execute third‑party code on disk. There is no homepage/source URL in the skill metadata to verify the package origin, which reduces transparency.
Credentials
The skill requests no environment variables or external credentials, which is consistent. However, it expects access to the user's local Chrome profiles, cookies, and active tab state — sensitive data not represented as declared 'credentials'. This access is proportionate to browser automation but materially increases the sensitivity of running the skill.
Persistence & Privilege
always is false and the skill does not request global/system-level modifications in the SKILL.md. It will launch Chrome and may create files (cookie exports, captures) under the user's filesystem when used, but it does not declare forced or permanent agent-wide privileges.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install neo-browser - 安装完成后,直接呼叫该 Skill 的名称或使用
/neo-browser触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.0
Release v2.1.0
v2.0.0-skill.6
Skill docs update (docs: update SKILL.md for v2.0 + auto-publish CI)
v2.0.1
v2.0.1: Updated SKILL.md with cookie management docs, compact ref examples, profile management, CDP capture workflow
v2.0.0
Release v2.0.0
v1.5.0
Release v1.5.0
v1.4.1
Release v1.4.1
v1.4.0
Release v1.4.0
v1.3.1
Release v1.3.1
v1.3.0
Release v1.3.0
v1.2.2
Release v1.2.2
v1.2.1
Release v1.2.1
v0.4.0
Zero-config: auto-discover extension, neo setup/start, portable schema dir
元数据
常见问题
Neo — Web App API Discovery 是什么?
Browse websites, read web pages, interact with web apps, call website APIs, and automate web tasks. Use Neo when: user asks to check a website, read a web pa... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 593 次。
如何安装 Neo — Web App API Discovery?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install neo-browser」即可一键安装,无需额外配置。
Neo — Web App API Discovery 是免费的吗?
是的,Neo — Web App API Discovery 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Neo — Web App API Discovery 支持哪些平台?
Neo — Web App API Discovery 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Neo — Web App API Discovery?
由 傅洋(@4ier)开发并维护,当前版本 v2.1.0。
推荐 Skills