potdealer

Reach

Author: Potdealer · GitHub · v0.2.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 234
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install reach
Description
Agent web interface. Browse websites, fill forms, login to services, sign transactions, send/receive email, solve CAPTCHAs, and interact with the web autonom...
Security recommendations
This skill includes real code that will run locally (Playwright, ethers, mailbox/webhook code) and offers powerful capabilities: automated logins, CAPTCHA solving via a third-party service, sending/receiving email, signing transactions and making payments, and persisting cookies/state to disk. Before installing, consider the following:

- Mismatch: the registry claims no required env vars, but SKILL.md/source expect PRIVATE_KEY, RPC_URL, CAPSOLVER_API_KEY, RESEND_API_KEY, GITHUB_TOKEN. Treat that as a red flag and ask the publisher to reconcile metadata.
- Secrets: do NOT provide a real wallet PRIVATE_KEY or high-value credentials. If you want to test, use an ephemeral wallet with minimal funds and throwaway API keys.
- Isolation: run the skill in a contained environment (dedicated VM or container) because installing/using it requires npm install and Playwright and will persist files under data/.
- Webhooks & external services: the webhook server and remote inbox will accept inbound network requests; verify endpoints (CapSolver, Resend, ExoHost) and consider network restrictions if you don't trust the publisher.
- Review code paths that handle signing/payments, authentication flows, and webhook handlers (primitives/sign.js, primitives/authenticate.js, utils/webhook-server.js, primitives/captcha.js, primitives/email.js). Look for any unexpected external endpoints or hard-coded secrets.
- If you require the functionality but want lower risk: run without PRIVATE_KEY and without CAPSOLVER/RESEND keys, which will disable payment and third-party services; or request a version with explicit minimal-surface mode (read-only browsing, no signing/email/webhook).

Because the skill requests multiple sensitive integrations but the registry metadata omits them, treat this as suspicious until the author provides corrected metadata and a clear trust/audit story.
Capability analysis
Type: OpenClaw Skill
Name: reach
Version: 0.2.0

The bundle is a high-capability automation framework providing primitives for browser control, crypto-wallet signing, and email management. While it appears to be a legitimate tool for the 'Exoskeleton' agent ecosystem, it possesses high-risk features including session cookie harvesting (src/utils/cookie-import.js), automated CAPTCHA solving (src/primitives/captcha.js), and the ability to sign transactions using a provided private key (src/primitives/sign.js). The 'Remote Inbox' and 'Agent Identity' features rely on external infrastructure (mfer.one), which, combined with the broad web-interaction capabilities, creates a significant attack surface for credential theft or unauthorized financial activity if the agent is misdirected.
Capability assessment
Purpose & Capability
The name/description (web/browser automation, forms, email, signing, payments) aligns with the included code and primitives. However the registry metadata lists no required environment variables or credentials while SKILL.md and source reference sensitive variables (PRIVATE_KEY, RPC_URL, CAPSOLVER_API_KEY, RESEND_API_KEY, GITHUB_TOKEN). That mismatch (declaring no credentials vs. code clearly needing them) is inconsistent and unexpected.
Instruction Scope
SKILL.md and the code instruct the agent to run local servers (MCP, webhook server), persist user data (cookies, inbox, screenshots, state under data/), auto-solve CAPTCHAs via a third-party solver, send and receive email, sign transactions and send payments, and interact with arbitrary websites. These instructions go well beyond simple read-only browsing and can access and transmit sensitive information. The instructions also rely on running node scripts in the package (e.g., node src/mcp.js), and include steps that will store persistent files locally.
Install Mechanism
The registry lists no install spec, yet the package contains a package.json and package-lock.json with heavy native/user-level dependencies (playwright, ethers, node-fetch, dotenv). That means installing/running the skill will require npm install and Playwright browser binaries — substantial code execution on the host — but the registry provided no automated install guidance or declared risks. The dependencies themselves are from standard registries (npm) and appear legitimate, but the absence of an install spec is an incoherence that reduces transparency.
Credentials
SKILL.md and source files expect several highly sensitive environment variables (PRIVATE_KEY for signing/payments, RPC_URL, CAPSOLVER_API_KEY for CAPTCHA solving, RESEND_API_KEY for sending mail, GITHUB_TOKEN for API access). Those variables are proportionate to the features offered, but the registry metadata incorrectly declares none required and does not declare a primary credential. Requiring a private key and multiple tokens without declaring them up-front is a serious mismatch and increases the risk of accidental secret exposure.
Persistence & Privilege
The skill persists cookies, session files, inbox JSON, screenshots, and state under data/. It starts a local webhook server to receive inbound email/webhooks. It does not set always:true and doesn't appear to modify other skills, but persistence and webhook exposure mean data handled by the skill remains on disk and could be used later. Consider the blast radius if the agent is allowed to run autonomously while these files exist.
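How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install reach
  3. Once installation completes, invoke the Skill by name or trigger it with /reach
  4. Provide the required inputs according to the Skill's parameter description to get structured output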
Version history
v0.2.0
Add domains, email inbox, CAPTCHA solving, error recovery, accurate feature list
Metadata
Slug: reach
Version: 0.2.0
License: MIT-0
Cumulative installs: 0
Current installs: 0
Historical versions: 1
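FAQ

What is Reach?

Agent web interface. Browse websites, fill forms, login to services, sign transactions, send/receive email, solve CAPTCHAs, and interact with the web autonom... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 234 total downloads to date.

How do I install Reach?

Run the command "/install reach" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is required.

Is Reach free?

Yes. Reach is completely free and released under the MIT-0 license; it can be freely downloaded, installed, and used.

Which platforms does Reach support?

Reach is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Reach?

It is developed and maintained by Potdealer (@potdealer); the current version is v0.2.0.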
