← Back to Skills Marketplace
81
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install personal-agent-browser
Description
一个为你的个人数字大脑设计的浏览器自动化技能。它调用你本地安装的 agent-browser CLI,安全地访问网页,提取标题和内容,并返回结构化摘要,让 AI 助手能理解并总结网页信息。 **使用场景**: (1) 用户要求:“帮我查看一下我的技能在 ClawHub 上的页面” (2) 用户希望 AI 自动抓取...
Usage Guidance
This skill is internally plausible but contains a real risk: run_browser.js passes an unescaped URL to child_process.exec, enabling shell command injection and arbitrary command execution if a malicious URL is provided or if the local agent-browser binary is replaced. Before installing or using: (1) Verify the provenance of the npm package `agent-browser` (review its source and npm owner) and ensure your PATH points to the intended binary. (2) Inspect and patch run_browser.js to avoid exec with an interpolated shell string — use spawn/execFile with an args array or properly escape/sanitize the URL. (3) Avoid invoking the skill on untrusted URLs; consider blocking file:// and other local schemes. (4) Update the skill manifest to declare required binaries/Node so requirements are clear. If you cannot review or fix the script and the agent-browser package, treat this skill with caution.
Capability Analysis
Type: OpenClaw Skill
Name: personal-agent-browser
Version: 1.1.0
The skill contains a critical shell injection vulnerability in `run_browser.js` because it passes unsanitized user input (the URL) directly into a shell command via `child_process.exec`. While the stated intent of browser automation appears benign, this flaw allows for arbitrary command execution on the host system if a malicious URL is provided. The documentation in `SKILL.md` also references a hardcoded local path (`/home/awu/`) which may indicate a non-portable or poorly tested environment.
Capability Assessment
Purpose & Capability
The name/description promise a local browser wrapper that calls a local agent-browser CLI — that matches the included run_browser.js. However the registry metadata lists no required binaries while SKILL.md explicitly requires the agent-browser CLI and Node.js and even references a user-specific install path (/home/awu/.npm-global/bin/agent-browser). The manifest should declare the CLI dependency instead of omitting it.
Instruction Scope
run_browser.js constructs a shell command using the raw URL: `agent-browser --url="${url}" ...` and passes it to child_process.exec. That allows command injection if the URL is attacker-controlled (or contains quotes/shell metacharacters). The instructions claim 'fully local' and 'safe', but the code gives the skill the ability to run arbitrary shell commands via the exec call. The script also allows arbitrary URLs (including file://), which could be used to access local files via the invoked CLI.
Install Mechanism
There is no install spec in the skill package itself (instruction-only), which is lower risk for the skill, but SKILL.md instructs the user to run `npm install -g agent-browser` without providing provenance. Installing an arbitrary npm global package has risk if that package or its name is untrusted or typosquatted.
Credentials
The skill requests no environment variables or credentials and does not read other system paths in code. That is proportionate. The SKILL.md's hardcoded example path (/home/awu/.npm-global/bin/agent-browser) is user-specific and unexpected; it is not declared in the manifest and could confuse users.
Persistence & Privilege
The skill is not always-enabled and does not request persistent privileges or modify other skills or system-wide settings. It does run a local CLI when invoked, which is the intended behavior.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install personal-agent-browser - After installation, invoke the skill by name or use
/personal-agent-browser - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
openclaw-agent-browser 1.1.0
- 技能名称由 personal-agent-browser 更名为 openclaw-agent-browser
- 安装指令和文档中的相关引用同步更换为新名称
- 其余核心功能和使用说明保持不变
v1.0.0
Personal Agent Browser 1.0.0
- Initial release of a local browser automation skill for your personal digital assistant.
- Uses your locally installed agent-browser CLI to fetch, extract, and summarize web page content.
- Delivers web page title and Markdown content as structured JSON for AI parsing.
- Fully local: No data leaves your machine; no external APIs or cloud services required.
- Designed for secure, controlled, and transparent web interactions via the AI assistant.
Metadata
Frequently Asked Questions
What is Personal Agent Browser?
一个为你的个人数字大脑设计的浏览器自动化技能。它调用你本地安装的 agent-browser CLI,安全地访问网页,提取标题和内容,并返回结构化摘要,让 AI 助手能理解并总结网页信息。 **使用场景**: (1) 用户要求:“帮我查看一下我的技能在 ClawHub 上的页面” (2) 用户希望 AI 自动抓取... It is an AI Agent Skill for Claude Code / OpenClaw, with 81 downloads so far.
How do I install Personal Agent Browser?
Run "/install personal-agent-browser" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Personal Agent Browser free?
Yes, Personal Agent Browser is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Personal Agent Browser support?
Personal Agent Browser is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Personal Agent Browser?
It is built and maintained by awublack (@awublack); the current version is v1.1.0.
More Skills