← 返回 Skills 市场
Tap
作者
LeonTing1010
· GitHub ↗
· v0.1.2
· MIT-0
114
总下载
0
收藏
1
当前安装
3
版本数
在 OpenClaw 中安装
/install tap
功能描述
AI browser automation protocol — run pre-built skills for 41 sites, or forge new ones. MCP native, deterministic, zero AI at runtime.
安全使用建议
This tool is coherent for browser automation but comes with real privileges: the Chrome extension's debugger permission lets Tap read and control active tabs (including logged-in accounts), and 'tap install' can bring in and run community JavaScript stored under ~/.tap. Before installing: (1) inspect the GitHub repo, the Homebrew formula, and the extension manifest and source to confirm the debugger usage and no hidden permissions; (2) review community taps before running them; (3) if possible run Tap in an isolated browser/profile without sensitive logins or sync enabled; (4) prefer building from source after auditing code or verifying the release build provenance in CI; (5) avoid enabling autonomous invocation unless you accept that an agent could drive your browser using your active sessions. Proceed only if you are comfortable with those risks or can sandbox the browser environment.
功能分析
Type: OpenClaw Skill
Name: tap
Version: 0.1.2
The 'tap' skill bundle provides extensive browser automation capabilities, including direct page manipulation (typing, clicking) and network requests via a Chrome extension requiring high-privilege 'debugger' permissions. A significant risk is identified in SKILL.md, which describes a 'tap install' command that fetches and executes external JavaScript 'skills' from a remote GitHub repository (LeonTing1010/tap-skills), creating a supply chain/RCE vector. While these capabilities are aligned with the stated purpose of deterministic automation, the combination of broad browser control and remote script execution is inherently high-risk.
能力评估
Purpose & Capability
The name/description, required binary 'tap', and brew install all match a browser-automation tool. No unrelated environment variables or config paths are requested. One note: the skill claims it can publish/post to many sites but does not declare any API credentials — this implies it will act using your active browser sessions (via the extension), which is coherent but important to understand.
Instruction Scope
Runtime instructions direct installing a Chrome extension with the 'debugger' permission and using page APIs (click/type/screenshot/fetch). Those capabilities let Tap read and act on the active tab (including logged-in sessions) and could exfiltrate data. The workflow also encourages running community scripts via 'tap install' and forging new taps (inspect/verify/save), which involves executing or persisting JavaScript from external sources into ~/.tap — a real execution/exfiltration vector. The SKILL.md claims the extension only activates when invoked and doesn't request cookies/<all_urls>, but the debugger API can still access page content and CDP-level data; that should be verified in the actual extension manifest and source.
Install Mechanism
Install uses a Homebrew formula from a GitHub tap and points to GitHub Releases — both standard distribution paths (moderate risk). The build-from-source path uses 'deno compile' with broad flags (--allow-read/write/net/env/run) which, if performed blindly, grants the build step wide host access; review source and CI if you intend to build locally. No arbitrary HTTP download from obscure hosts is instructed.
Credentials
No environment variables or external credentials are requested, which is consistent if Tap operates via the browser session. That means actions like posting will use whatever accounts are logged into your browser — a permission model shift versus API-key-based tools. The absence of declared credentials is coherent but increases risk because browser sessions contain sensitive auth state.
Persistence & Privilege
always:false (good), but the skill is meant to be registered as an MCP server entry so the agent can invoke it autonomously. Combined with the extension's debugger privilege and the ability to install/execute community taps, this gives an autonomous agent a large blast radius (it could drive your browser and act as your logged-in user). The skill does persist user-forged taps under ~/.tap, which is expected, but any community taps should be reviewed before execution.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install tap - 安装完成后,直接呼叫该 Skill 的名称或使用
/tap触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.2
v0.1.2: Add Security & Trust section. Replace --allow-all with explicit permissions.
v0.1.1
v0.1.1: Clean up SKILL.md — remove shell pipe install, simplify tool descriptions.
v1.0.0
Initial release — AI browser automation protocol. 81 pre-built skills across 41 sites, 38 MCP tools, forge once run forever.
元数据
常见问题
Tap 是什么?
AI browser automation protocol — run pre-built skills for 41 sites, or forge new ones. MCP native, deterministic, zero AI at runtime. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 114 次。
如何安装 Tap?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install tap」即可一键安装,无需额外配置。
Tap 是免费的吗?
是的,Tap 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Tap 支持哪些平台?
Tap 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Tap?
由 LeonTing1010(@leonting1010)开发并维护,当前版本 v0.1.2。
推荐 Skills