← 返回 Skills 市场

Tinyfish Browser

Name: Tinyfish Browser
Author: bunsdev

作者 Val Alexander · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ 安全检测通过

103

总下载

当前安装

版本数

在 OpenClaw 中安装

/install tinyfish-browser

功能描述

Spin up a remote browser session via the TinyFish Browser API and get a CDP URL for driving it. Use when you need an automatable Chromium session (Playwright...

使用说明 (SKILL.md)

TinyFish Browser

Create a remote Chromium browser session. Returns a session_id, a cdp_url for driving the browser over the DevTools Protocol, and an authenticated base_url for polling session state.

Requires: TINYFISH_API_KEY environment variable.

Pre-flight Check (REQUIRED)

Before calling the API, verify the key is present:

[ -n "$TINYFISH_API_KEY" ] && echo "TINYFISH_API_KEY is set" || echo "TINYFISH_API_KEY is NOT set"

If the key is not set, stop and ask the user to add it. Get one at \x3Chttps://agent.tinyfish.ai/api-keys>. Do NOT fall back to other browser tools.

Create a Session

curl -X POST "https://api.browser.tinyfish.ai" \
  -H "X-API-Key: $TINYFISH_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{ "url": "https://example.com" }'

Helper Script

scripts/browser.sh \x3Curl> wraps the curl call:

scripts/browser.sh https://example.com

Response Shape

{
  "session_id": "sess_abc123",
  "cdp_url": "wss://browser.tinyfish.ai/devtools/browser/…",
  "base_url": "https://api.browser.tinyfish.ai/sessions/sess_abc123"
}

Using the Session

cdp_url is a DevTools Protocol websocket — connect with Playwright/Puppeteer/chrome-remote-interface to drive the page.
base_url is an authenticated polling endpoint (requires the X-API-Key header). It is NOT browsable in a normal web view.

Session Lifecycle

Sessions auto-close after ~1 hour of idleness. There is no explicit terminate endpoint — avoid creating one session per user action; reuse sessions keyed by target URL when possible.

安全使用建议

This skill appears to do exactly what it says: it sends the given URL to TinyFish and returns a CDP websocket URL and session info. Before installing, confirm you trust tinyfish.ai and are comfortable sending a dedicated API key to their api.browser.tinyfish.ai endpoint. Create a scoped/revocable API key if possible. Note the helper script uses curl and python3 even though the registry metadata lists no required binaries—ensure those are available in your runtime. Treat TINYFISH_API_KEY as a secret (do not share it), and consider reviewing TinyFish's privacy and session lifetime policies since the returned cdp_url and base_url are authenticated endpoints that allow remote driving of a browser session.

功能分析

Type: OpenClaw Skill Name: tinyfish-browser Version: 1.0.0 The skill provides a legitimate interface for interacting with the TinyFish Browser API to manage remote Chromium sessions. The implementation in scripts/browser.sh is clean and follows best practices, such as using Python for safe JSON encoding of inputs to prevent injection, and the SKILL.md instructions are focused solely on the stated functionality without any signs of prompt injection, data exfiltration, or malicious intent.

能力标签

requires-sensitive-credentials

能力评估

ℹ Purpose & Capability

The skill's name, description, SKILL.md, and helper script all consistently call the TinyFish Browser API and require TINYFISH_API_KEY. Minor inconsistency: the file scripts/browser.sh invokes curl and python3 but the registry metadata lists no required binaries.

✓ Instruction Scope

SKILL.md instructs only to verify the API key is present and to POST the target URL to the TinyFish API, then return the session_id/cdp_url/base_url. It does not instruct reading unrelated files or environment variables and does not direct data to unexpected endpoints.

✓ Install Mechanism

There is no install spec (instruction-only plus a small helper script). Nothing is downloaded or written during install; risk from install mechanism is low.

✓ Credentials

The only required secret is TINYFISH_API_KEY, which is appropriate for an API-based browser service. The SKILL.md and script use the key only to authenticate requests to api.browser.tinyfish.ai.

✓ Persistence & Privilege

always is false and the skill does not request any permanent system presence or modify other skills' configs. Autonomous invocation (default) is allowed but not combined with other concerning factors.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install tinyfish-browser
安装完成后，直接呼叫该 Skill 的名称或使用 /tinyfish-browser 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of tinyfish-browser. - Provides an interface to create remote Chromium browser sessions using the TinyFish Browser API. - Returns a session ID, a CDP URL for automation (Chromium DevTools Protocol), and a base URL for polling session state. - Requires a TINYFISH_API_KEY environment variable; prompts users if not set. - Sessions auto-expire after approximately 1 hour of inactivity. - Includes a helper shell script for streamlined session creation. - Documentation covers API usage, authentication, and recommendations on session handling.

元数据

Slug tinyfish-browser

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题