← 返回 Skills 市场

THE_TIME_MASHEEN

Name: THE_TIME_MASHEEN
Author: mrjessek

作者 Jesse · GitHub ↗ · v1.0.2 · MIT-0

cross-platform ⚠ suspicious

316

总下载

当前安装

版本数

在 OpenClaw 中安装

/install the-time-masheen

功能描述

Combine live scraping, historical snapshots via Wayback Machine, and interactive browser automation to extract, compare, and automate web data from any site.

安全使用建议

This skill implements exactly what it claims—scraping, Wayback queries, and browser automation—but it includes features explicitly intended to evade protections and encourages scraping login- or paywall-gated content. Before installing or running it: - Verify the source: the README suggests fetching install.sh from raw.githubusercontent.com/mrjessek/the-time-masheen which does not match the registry owner metadata; confirm you trust that repository and author. - Avoid curl | bash from untrusted URLs. Prefer inspecting the bundled install.sh in this package (it runs pip3 and npm installs and is readable) or run installs manually in a controlled environment. - Run installs in an isolated environment (VM or container) to limit system-wide changes from pip/npm global installs and to contain browser binaries. - Consider legal and ethical implications: only use against sites you own or have explicit permission to scrape/automate; 'stealth' and 'solve-cloudflare' options facilitate evasion and may violate terms of service or laws. - Review the upstream PyPI/npm packages (scrapling, playwright-cli) and their reputations before installing. If you plan to use credentials for target sites, do not store them in shared environment variables; prefer interactive input and temporary session storage. Given the README/source inconsistency and the tool's explicit evasive capabilities, proceed with caution—audit sources and run in isolation. If you want, I can (a) compare the bundled install.sh to the raw GitHub script URL it points to, or (b) summarize which exact commands will be run by the installer so you can review them line-by-line.

功能分析

Type: OpenClaw Skill Name: the-time-masheen Version: 1.0.2 The skill provides a 'web intelligence' toolkit that integrates high-risk capabilities including automated browser interaction (clicking, form filling, and arbitrary JavaScript execution via `playwright-cli eval`) and stealth scraping designed to bypass bot protections like Cloudflare (via `scrapling`). While these tools are aligned with the stated purpose of advanced web research and archival analysis, they grant the agent significant power to interact with web applications and bypass security controls, which could be misused for unauthorized actions or data extraction. The `install.sh` script performs global npm installations and fetches browser binaries, and the `README.md` promotes a `curl | bash` installation method (IOC: `raw.githubusercontent.com/mrjessek/the-time-masheen/main/install.sh`).

能力评估

ℹ Purpose & Capability

The name/description claim three capabilities (live scraping via Scrapling, Wayback CDX queries, and Playwright-driven automation). The SKILL.md and references consistently instruct use of scrapling, curl (wayback), and playwright-cli, and the included install.sh installs exactly those packages. No unrelated credentials or system paths are requested. Overall the required components are proportionate to the stated purpose, but the README encourages bypassing site protections which is an ethical/legal concern rather than pure technical incoherence.

⚠ Instruction Scope

Runtime instructions explicitly teach how to (a) drive browsers to log in and fill credentials, (b) use 'stealthy-fetch --solve-cloudflare' and other anti-bot/evade options, and (c) scrape login-gated/paywalled content. The SKILL.md does not instruct reading unrelated local files or exfiltrating system secrets, but the skill's documented workflows are capable of collecting sensitive site content and require the user to supply credentials interactively. The README's language and the presence of features aimed at bypassing protections raise misuse concerns.

ℹ Install Mechanism

There is no formal install spec in the registry (instruction-only), but an install.sh is bundled which runs pip3 install "scrapling[all]" and npm install -g playwright-cli and then 'playwright install chromium' — standard package installs from PyPI and npm and normal for this toolset (moderate risk). However, README shows a curl | bash install line that pulls install.sh from raw.githubusercontent.com under a different GitHub username (mrjessek), which is an inconsistency and increases risk because it encourages executing a remotely fetched script; verify the exact source before running.

✓ Credentials

The skill declares no required environment variables or credentials (and none are stored in registry metadata). The references and CLI flags accept cookies, proxy strings, and headers (including proxy credentials), and the automation flow requires user-supplied login credentials for target sites — which is proportionate to scraping/login automation use cases. No extraneous platform credentials are requested by the skill itself.

✓ Persistence & Privilege

The skill does not request always:true, does not ask to modify other skills, and is user-invocable. The bundled install.sh installs packages globally (pip/npm -g) and browser binaries to the local system if run by the user; that is typical but you should be mindful of global installs. The skill does not request permanent registry-level privileges.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install the-time-masheen
安装完成后，直接呼叫该 Skill 的名称或使用 /the-time-masheen 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.2

Version 1.0.2 - Updated browser automation guidance: the playwright-cli handoff pattern now keeps the session active during scraping, instead of requiring manual cookie handling. - Added a new "Security" section outlining proper, ethical use and local data handling for browser automation features. - Improved clarity in instructions for login-gated site extraction and authentication workflows. - No code or functional logic was changed; documentation only.

v1.0.1

- Updated description wording to clarify support for "rendering-protected" sites instead of specifically "anti-bot protected" sites. - In the decision tree and instructions, changed references from "anti-bot / Cloudflare" to "heavily protected sites" and "rendering-protected". - No changes to code or technical implementation; documentation update only.

v1.0.0

Initial release providing full-spectrum web intelligence, combining live scraping, historical snapshot retrieval, and interactive browser automation. - Supports live scraping of static, dynamic (JS-heavy), and anti-bot-protected websites. - Enables retrieval and comparison of historical site versions via the Wayback Machine. - Adds interactive browser automation for login, navigation, and data extraction from complex web apps. - Allows session handoff between interactive automation and scraping tools. - Includes decision trees and CLI examples for each core use case.

元数据

Slug the-time-masheen

版本 1.0.2

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 3

常见问题

THE_TIME_MASHEEN 是什么？

Combine live scraping, historical snapshots via Wayback Machine, and interactive browser automation to extract, compare, and automate web data from any site. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 316 次。

如何安装 THE_TIME_MASHEEN？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install the-time-masheen」即可一键安装，无需额外配置。

THE_TIME_MASHEEN 是免费的吗？

是的，THE_TIME_MASHEEN 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

THE_TIME_MASHEEN 支持哪些平台？

THE_TIME_MASHEEN 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 THE_TIME_MASHEEN？

由 Jesse（@mrjessek）开发并维护，当前版本 v1.0.2。