← 返回 Skills 市场

patchright-stealth-browsing

Name: patchright-stealth-browsing
Author: cyber-bye

作者 vk · GitHub ↗ · v2.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install patchright-stealth-browsing-skill

功能描述

Perform stealth browser automation to bypass bot detection (Cloudflare, Akamai, Datadome) using Patchright.

使用说明 (SKILL.md)

Patchright Stealth Browsing Skill

[!IMPORTANT] Hard Dependency Warning: This skill is strictly dependent on the patchright-mcp server. It will not work unless the patchright-mcp server is correctly installed, configured, and running in the OpenClaw environment.

Repository Access: The patchright-mcp server repository is private. Accessing, cloning, and managing the server requires proper authentication credentials and repository privileges.

This skill enables the OpenClaw agent to automate browser interactions stealthily on websites protected by active anti-bot systems (e.g., Cloudflare, Akamai, Datadome). It runs over the patchright-mcp server, which uses a patched Chromium browser.

The browser capabilities are consolidated into four core tools:

patchright_navigation: Manages page lifecycle, navigation, HTML content retrieval, and screenshot captures.
patchright_interaction: Executes clicks, text typing, option selections, scrolling, global keys, and elements synchronization.
patchright_session: Handles reading, writing, and clearing context cookies.
patchright_execution: Evaluates page scripts and extracts structured interactive element snapshots.

Guidelines for the Agent

Sequential Lifecycle Management:
- Begin by navigating directly using patchright_navigation with action navigate and the target url.
- Always finish execution by calling patchright_navigation with action close to safely release the browser process and memory.
Stealth Interaction Flow:
- To interact with a page, first get the structure using patchright_execution with action snapshot. This extracts all visible interactive elements (buttons, links, inputs) along with their CSS selectors.
- Use the retrieved selectors to trigger clicks, hovers, or inputs via patchright_interaction.
Performance Optimization (Bulk Fill):
- When filling forms with multiple inputs, do not call fill repeatedly. Instead, use patchright_interaction with action bulk_fill and pass the list of fields in the items array. This reduces roundtrips and handles fallback evaluations automatically.
Synchronizations and Waits:
- If pages load elements dynamically, synchronize using patchright_interaction with action wait_for targeting the element's selector and expected state (visible, hidden, attached, or detached).
Visual Validation:
- Capture screenshots using patchright_navigation with action screenshot after major actions (like form submissions or clicks) to verify the visual state of the page.
Authentication & Session Reuse:
- Use patchright_session with action get_cookies to save authentication state, and set_cookies to restore sessions without needing to re-login.
Custom Client Configurations:
- You can dynamically override browser launch settings by passing parameters such as headless, userAgent, viewport (e.g. { "width": 800, "height": 600 }), and deviceScaleFactor to the open or navigate actions inside patchright_navigation.
- Use these overrides to simulate different device types (mobile/desktop viewports) or rotate user agents to prevent fingerprint-based blockings.

Edge Cases and Failure Handling

Element Selector Timeouts:
- If an interaction (e.g., click, fill) fails due to a timeout, verify if the element is loaded by calling patchright_interaction with action wait_for and state visible.
- If an element is hidden or obstructed by a modal, use patchright_execution with action evaluate to trigger a native JS click: document.querySelector('selector').click().
Isolated Context Variable Sharing:
- Remember that evaluate scripts execute in an isolated context (utility world) for anti-bot stealth.
- If you need to verify or set properties on the page's main execution context, store them as custom DOM attributes (e.g., element.setAttribute('data-state', 'value')) rather than attaching them directly to window.propertyName.
Anti-bot Block Pages / CAPTCHAs:
- If you encounter a CAPTCHA or blocker page, do not repeat failing navigation commands.
- Run patchright_navigation with action screenshot to verify if a challenge is present.
- If a challenge page appears, instruct the user or wait for manual solver actions, rather than retrying automated scripts recursively.
CDP Connection Disconnects:
- If the remote CDP port 9222 falls back to a subprocess launch, verify if the process crashed by retrying open. The server automatically spins up a local fallback browser if the remote socket is unresponsive.

安全使用建议

Install only if you have a legitimate, authorized need to test or automate systems you control. Treat cookie export/import as sensitive account access, avoid using it on third-party protected services without permission, and make sure the private MCP server and any stored browser sessions are tightly controlled.

能力评估

⚠ Purpose & Capability

The stated purpose is to bypass bot detection on protected websites using Patchright, not just ordinary browser automation. That is high-impact capability because it can be used to automate access where sites are explicitly applying defensive controls.

⚠ Instruction Scope

The instructions tell the agent to use protected-target tooling, rotate user agents to avoid fingerprint blocking, run page scripts, and handle blockers, without limiting use to owned or explicitly authorized systems.

ℹ Install Mechanism

The skill itself is documentation and declares a Node runtime plus private patchright-mcp tool dependencies; no executable payload or package install script is present in the submitted artifact.

⚠ Credentials

Requiring a patched Chromium MCP server, browser automation, script evaluation, screenshots, and session tooling is proportionate to stealth browsing, but the environment authority is broad for an agent skill and lacks compliance or authorization boundaries.

⚠ Persistence & Privilege

The skill instructs use of get_cookies and set_cookies to save and restore authentication state, and notes cookie clearing, but does not provide adequate warnings about account session privacy or scope limits.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install patchright-stealth-browsing-skill
安装完成后，直接呼叫该 Skill 的名称或使用 /patchright-stealth-browsing-skill 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v2.0.0

Patchright Stealth Browsing Skill 2.0.0 — Major revision and documentation update - Rewritten SKILL.md with detailed usage guidelines, configuration options, and core tool descriptions. - Clearly documents the four core Patchright tools for navigation, interaction, session handling, and script execution. - Adds step-by-step agent usage instructions, performance advice (bulk fill), and best practices for stealth automation. - Includes troubleshooting for edge cases: element timeouts, context variable handling, CAPTCHA challenges, and connection issues. - Strong warning about hard dependency on the private patchright-mcp server and repository access requirements.

元数据

Slug patchright-stealth-browsing-skill

版本 2.0.0

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 2

常见问题