← 返回 Skills 市场
Playwright Cli
作者
chensu1234
· GitHub ↗
· v1.0.0
· MIT-0
91
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install playwright-cli-tool
功能描述
Playwright CLI 自动化工具 - 浏览器自动化测试和网页交互。通过 CLI 命令控制浏览器、截图、填表、点击、执行代码等操作。支持多浏览器、会话管理、网络拦截、视频录制等功能。
安全使用建议
This skill's instructions are coherent with a Playwright CLI tool but the package metadata omits key facts and the runtime actions are powerful: - The SKILL.md requires npm/node and suggests running 'npm install -g', but the skill metadata doesn't declare these. Expect the install to write to disk and possibly require elevated permissions. - The CLI can read cookies, localStorage, saved states, upload files, intercept network requests, and execute arbitrary code (run-code), which could expose sensitive site data or local files. - Before installing: verify the source and npm package owner, prefer pinned versions (avoid '@latest'), and consider installing in a sandbox/container or using a non-global, audited install. - If you allow an agent to run this skill autonomously, restrict it from running on machines with sensitive data and avoid granting it broad filesystem or network access. - If you need this capability, ask the publisher to update metadata to declare required binaries (node, npm), environment variables, and to provide a trusted install mechanism or checksum; without that, treat the skill as untrusted.
功能分析
Type: OpenClaw Skill
Name: playwright-cli-tool
Version: 1.0.0
The skill bundle describes a browser automation tool with high-risk capabilities, including arbitrary JavaScript execution (`run-code`), cookie and local storage extraction (`cookie-list`, `localstorage-get`), and the ability to attach to existing browser sessions. It also directs the installation of a non-standard npm package `@playwright/cli` (the official package is typically `playwright` or `@playwright/test`). While these features are technically aligned with the stated purpose of browser automation, they provide a significant attack surface for data exfiltration and unauthorized remote control, warranting a suspicious classification.
能力评估
Purpose & Capability
The skill claims to be a Playwright CLI helper, which justifies commands like open, click, screenshot. However the metadata lists no required binaries or install steps while the instructions explicitly require npm/node and installing a global package (@playwright/cli). The SKILL.md also references environment variables (PLAYWRIGHT_MCP_*) that are not declared in the registry metadata. The omission of required runtime prerequisites (npm/node, ability to install global binaries) is an incoherence.
Instruction Scope
The instructions tell the agent to run commands that can read and modify browser cookies, localStorage, save/load state, upload files, intercept network requests, record video/traces, forcibly kill browser processes, attach to running browsers, and run arbitrary code via 'run-code' or executing files. Those are valid Playwright capabilities but they give the agent broad ability to access and exfiltrate sensitive page data and local files; the skill text gives the agent discretion to perform these actions without limits.
Install Mechanism
The package is instruction-only (no install spec), but SKILL.md instructs 'npm install -g @playwright/cli@latest' and 'playwright-cli install --skills'. A global npm install modifies the host, may require elevated/write permissions, and is not captured in the registry metadata. Because installation is left to runtime commands, there's a risk the agent will fetch and execute code from npm without explicit provenance, version pinning, or sandboxing.
Credentials
The registry shows no required env vars or credentials, but the SKILL.md documents multiple environment variables (PLAYWRIGHT_MCP_*) controlling behavior. Additionally, runtime operations described (state-save/load, cookie/localStorage access, file upload/download, network routing) imply access to local files and browser secrets even though none of that is declared. The lack of declared env/permission requirements is inconsistent with what the instructions actually use and enable.
Persistence & Privilege
The skill does not request 'always: true' and does not claim to modify other skills. However, following the instructions will create persistent artifacts on the host (global npm package, saved outputs, recordings, saved state files) and may require elevated filesystem access. That persistence is not represented in the metadata and should be considered by deployers.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install playwright-cli-tool - 安装完成后,直接呼叫该 Skill 的名称或使用
/playwright-cli-tool触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of playwright-cli: a versatile CLI tool for browser automation and testing.
- Provides browser control via commands: open, close, goto, screenshot, PDF export, tab management, state/cookie/localStorage management, network interception, video/tracing, and custom session handling.
- Supports interactions: click, fill, hover, drag, select, check/uncheck, upload, keyboard/mouse controls.
- Features robust element referencing and snapshot mechanism for reliable automation.
- Includes configuration via JSON files and environment variables.
- Suitable for web testing, data collection, screenshots, network intercept/mock, video/trace recording, and integration with AI agents.
元数据
常见问题
Playwright Cli 是什么?
Playwright CLI 自动化工具 - 浏览器自动化测试和网页交互。通过 CLI 命令控制浏览器、截图、填表、点击、执行代码等操作。支持多浏览器、会话管理、网络拦截、视频录制等功能。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 91 次。
如何安装 Playwright Cli?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install playwright-cli-tool」即可一键安装,无需额外配置。
Playwright Cli 是免费的吗?
是的,Playwright Cli 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Playwright Cli 支持哪些平台?
Playwright Cli 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Playwright Cli?
由 chensu1234(@chensu1234)开发并维护,当前版本 v1.0.0。
推荐 Skills