tappi
Author: shaihazher · v3.5.0
Total downloads: 811
Favorites: 0
Current installs: 1
Versions: 10
Install in OpenClaw
/install tappi
Description
Lightweight CDP browser control for AI agents. Token-efficient alternative to the built-in browser tool — 3-10x fewer tokens per interaction. Use when browsi...
Security usage advice
This package appears to implement what it says (a lightweight CDP CLI) but exercise caution before installing:
- The tool requires Node.js/npm and a Chrome/Chromium with --remote-debugging-port; the registry metadata did not declare Node as a required binary — confirm you want to run Node scripts from this skill.
- The CLI can read local files (paste --file) and inject files into web pages (upload), and it can execute arbitrary JS in pages (eval). These behaviors are necessary for its features but can expose sensitive files or send data to external sites if misused. Do not run it with a browser profile that has signed-in accounts or sensitive cookies unless you trust the code and environment.
- The CDP endpoint defaults to localhost, but CDP_URL can be changed; avoid pointing it at untrusted remote endpoints.
- Review the full scripts/browser.js (and any truncated parts) yourself or run in an isolated environment (container or VM) before giving it access to real data or profiles.
- If you decide to proceed: run the install step yourself (cd scripts && npm install), inspect installed node_modules (ws), and consider restricting the browser profile used (use a disposable profile or containerized browser).
Functional analysis
Type: OpenClaw Skill
Name: tappi
Version: 3.5.0
The skill is suspicious due to its powerful capabilities that, while aligned with browser automation, present significant prompt injection risks against an AI agent. Specifically, `scripts/browser.js` implements an `eval` command allowing arbitrary JavaScript execution within the browser context, and `paste --file` and `upload` commands that can read local files. A compromised agent could be prompted to use these commands to exfiltrate sensitive browser data (e.g., cookies, local storage via `eval`) or local files (e.g., `~/.ssh/id_rsa` via `paste --file` then exfiltrated via `eval` making a network request).
Capability assessment
Purpose & Capability
The SKILL.md and embedded scripts implement a local Node.js CLI that talks to a Chrome DevTools Protocol endpoint — this matches the skill description. However, the registry metadata lists no required binaries while SKILL.md instructs you to run `npm install` and run `node` (Node.js/npm are functionally required). That metadata omission is a mismatch and should have been declared. Also SKILL.md claims 'instruction-only' install but includes sizeable JS code that must be installed and run.
Instruction Scope
Instructions are narrowly scoped to controlling a Chrome/Chromium instance via CDP (navigate, click, type, upload, eval, screenshot). Those actions are expected for this purpose. Important note: several commands intentionally read local files (paste --file, upload) and run arbitrary JS in page context (eval), which are coherent with the tool's functionality but enable reading local files and interacting with remote websites (potential exfiltration).
Install Mechanism
There is no formal install spec in the registry, but SKILL.md instructs the user to run `cd scripts && npm install`, which pulls the 'ws' package from npm. Using npm is a reasonable choice for a Node CLI, but it is a moderate-risk install path compared with no-install — it writes code to disk and pulls third-party packages. The registry should have declared this requirement.
Credentials
The skill declares no required environment variables, and the code defaults to a local CDP endpoint at http://127.0.0.1:18800 (override via CDP_URL). That is proportionate. Caveat: if CDP_URL is set to a remote endpoint, the tool could talk to a non-local CDP (potential exfiltration). The ability to read files and upload them to web pages is functionally justified but increases privacy risk; these capabilities are powerful and should be used only with trusted profiles and content.
Persistence & Privilege
The skill does not request always:true or modify other skills or agent-wide settings. It requires explicit invocation and runs as a local Node CLI; no elevated or persistent platform privileges are requested.
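How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install tappi
- Once installation completes, call the Skill by name or use /tappi to trigger it
- Provide the required input according to the Skill's parameter description to get structured output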
Version history
v3.5.0
grep filtering for text and elements. Use bjs text | grep or bjs elements | grep to filter output. Saves context for smaller models.
v3.4.0
Tool hierarchy documentation: Smart vs Low-level actions. type() uses el.focus() before mouse click. paste command with file support and auto-verify.
v3.3.0
type() uses el.focus() before mouse click to avoid popups. Tool-level housekeeping so agents don't need to worry about focus management.
v3.2.0
Auto-verify on type and click. type reports char count + verification. click reports navigation, checkbox state, dialog changes. paste command for reliable long content insertion.
v3.1.0
Add paste command — reliable content insertion with auto-verify and file support. Add focus and check commands.
v3.0.0
Add focus() and check() commands for input verification and focus recovery. Updated agent tool descriptions with verification guidance.
v2.3.0
Fix Sheets docs: --enter doesn't advance rows, use Name Box navigation per row + --tab within rows
v2.2.0
Add 'keys' command for raw CDP keyboard input — works on canvas-based apps (Google Sheets, Docs, Figma)
v2.1.0
- Updated dependencies in scripts/package.json and scripts/package-lock.json.
- Minor internal updates to scripts/browser.js; no user-facing command changes.
- Documentation (SKILL.md) and metadata unchanged.
- No new features or behavior changes in this release.
v2.0.0
Renamed from browser-js. tappi is a lightweight CDP browser control tool for AI agents — 3-10x fewer tokens than accessibility tree tools. Shadow DOM piercing, coordinate commands, file uploads.
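FAQ
What is tappi?
Lightweight CDP browser control for AI agents. Token-efficient alternative to the built-in browser tool — 3-10x fewer tokens per interaction. Use when browsi... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 811 cumulative downloads to date.
How do I install tappi?
Run the command "/install tappi" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is required.
Is tappi free?
Yes, tappi is completely free (free and open source) and can be freely downloaded, installed and used.
Which platforms does tappi support?
tappi runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed tappi?
It is developed and maintained by shaihazher (@shaihazher); the current version is v3.5.0.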