← 返回 Skills 市场
498
总下载
0
收藏
6
当前安装
1
版本数
在 OpenClaw 中安装
/install playwright-mcp-skill
功能描述
Run browser automation through @playwright/mcp over UXC stdio MCP, with daemon-friendly session reuse and safe action guardrails. Use when tasks need determi...
安全使用建议
This skill appears to do what it says (drive Playwright MCP over uxc/npx) but has some concerning gaps. Before installing or running it: 1) review and decide whether you trust on-demand npm execution (npx @playwright/mcp@latest); consider pinning a specific version instead of @latest; 2) be aware the skill suggests creating persistent CLI links and a profile directory (~/.uxc/playwright-profile) that will store session state (cookies/tokens) — only use shared-profile mode if you understand and accept persistent credentials; 3) note the docs reference UXC_DAEMON_EXCLUSIVE though no env vars are declared — verify what your environment will expose to the CLI and whether the skill will read/write that path; 4) run first-time usage in an isolated environment (container or VM) if you want to limit potential exposure from remote package fetches; and 5) if you lack trust in the @playwright/mcp source, inspect the package or vendor a vetted binary instead of relying on npx @latest.
功能分析
Type: OpenClaw Skill
Name: playwright-mcp-skill
Version: 1.0.0
The skill is classified as suspicious due to its inherent high-risk capabilities, despite including guardrails. It utilizes `npx -y @playwright/mcp@latest` (SKILL.md, references/usage-patterns.md), introducing a supply chain risk by fetching and executing the latest version of an external package. The `browser_run_code` operation (references/usage-patterns.md) allows arbitrary JavaScript execution within the browser, a powerful feature that could be abused if the agent were compromised. Additionally, the `uxc daemon stop` command (SKILL.md, references/usage-patterns.md) is used for process management, which, depending on the `uxc` implementation, could have broader implications. While these capabilities are aligned with browser automation, they present significant vulnerabilities without clear evidence of intentional malicious behavior from the skill's author.
能力评估
Purpose & Capability
Name/description, CLI examples, and uxc link guidance align with the stated goal of running @playwright/mcp via stdio. However the docs repeatedly reference a shared profile directory (~/.uxc/playwright-profile) and a daemon-exclusive env var (UXC_DAEMON_EXCLUSIVE) even though the skill metadata declares no config paths or env requirements — that's an unexplained config access pattern.
Instruction Scope
The SKILL.md instructs the agent to create fixed CLI links (uxc link), manipulate a local profile directory (~/.uxc/playwright-profile), stop the uxc daemon, and suggests setting UXC_DAEMON_EXCLUSIVE — these are side effects beyond simple stateless automation. The skill references an environment variable (UXC_DAEMON_EXCLUSIVE) and a filesystem path but the public requirements do not declare those, and the instructions grant the skill authority to read/write persistent profile state.
Install Mechanism
There is no install spec in the registry (instruction-only). Runtime execution relies on npx -y @playwright/mcp@latest which will fetch and run code from npm on first use. This is expected for a Node CLI integration but is a moderate operational risk (remote code execution on first run) and would be safer if a pinned version or explicit install step were recommended.
Credentials
The skill declares no required env vars but the docs reference UXC_DAEMON_EXCLUSIVE and instruct storing user-data under ~/.uxc/playwright-profile. Requesting or relying on a persistent user-data-dir can expose cookies/tokens and is not declared in metadata; absence of declared env/config requirements is an inconsistency.
Persistence & Privilege
always is false and model invocation is allowed (normal). The skill's recommended setup creates persistent CLI links (uxc link) and optional shared-profile storage, which gives it ongoing presence (stored profile data and created command wrappers). This is plausible for the use case but increases the blast radius compared to a purely ephemeral workflow.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install playwright-mcp-skill - 安装完成后,直接呼叫该 Skill 的名称或使用
/playwright-mcp-skill触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of playwright-mcp-skill for deterministic browser automation via @playwright/mcp over UXC stdio MCP.
- Supports daemon-friendly session reuse and safe action guardrails.
- Default workflow includes headless, isolated sessions; persistent shared profiles are optionally supported.
- Provides fixed command linking with `playwright-mcp-cli` for streamlined usage.
- Enforces JSON envelope protocol parsing and explicit guardrails for safe browser actions.
- Designed for CLI integration with prerequisites for Node.js, npx, and uxc.
元数据
常见问题
Playwright Mcp Skill 是什么?
Run browser automation through @playwright/mcp over UXC stdio MCP, with daemon-friendly session reuse and safe action guardrails. Use when tasks need determi... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 498 次。
如何安装 Playwright Mcp Skill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install playwright-mcp-skill」即可一键安装,无需额外配置。
Playwright Mcp Skill 是免费的吗?
是的,Playwright Mcp Skill 完全免费(开源免费),可自由下载、安装和使用。
Playwright Mcp Skill 支持哪些平台?
Playwright Mcp Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Playwright Mcp Skill?
由 jolestar(@jolestar)开发并维护,当前版本 v1.0.0。
推荐 Skills