Mission Control Visual QA — 任务控制视觉 QA
v0.1.6任务控制视觉 QA 工具。
0· 388·2 当前·2 累计
by 安全扫描
OpenClaw
安全
high confidenceThe skill's code and instructions match its stated purpose (running Puppeteer screenshots over SSH) and do not request unrelated credentials or perform surprising network exfiltration, but you should verify runtime prerequisites and the remote host is trusted before use.
评估建议
This skill appears to do what it says, but before installing/run: (1) ensure the REMOTE host is one you control or fully trust — the script SCPs and executes a Node program on that host; (2) make sure Node, the puppeteer package, and a Chromium/Chromium-compatible binary are installed on the REMOTE host (puppeteer is required but not installed by the script); (3) review/modify OUTPUT_DIR and REMOTE_RUN_DIR if you don’t want artifacts stored under ~/.openclaw on REMOTE; (4) avoid pointing it at s...详细分析 ▾
ℹ 用途与能力
Name/description align with the included files: a local helper that SCPs a Node script to a REMOTE host and runs Puppeteer to take screenshots and run basic DOM checks. Minor omission: the registry metadata does not declare runtime prerequisites (Node, puppeteer, and a Chromium binary) which are required on the REMOTE host.
✓ 指令范围
SKILL.md and the scripts restrict actions to copying the JS file to a user-specified SSH target, creating output directories, visiting the provided URLs, taking screenshots, and writing JSON summary and image files to the REMOTE output directory. The JS is read-only (no form submissions or destructive clicks).
✓ 安装机制
Instruction-only skill with included scripts; no install spec or remote downloads embedded in the skill. The Node script requires the puppeteer package and a Chromium binary on the REMOTE host, but the skill does not attempt to fetch arbitrary code from unknown URLs.
ℹ 凭证需求
The skill declares no required credentials (registry shows none). SKILL.md documents optional env vars (SSH_TARGET, REMOTE_RUN_DIR, OUTPUT_DIR) and the script reads OUTPUT_DIR and CHROMIUM_PATH at runtime. No secrets or unrelated credentials are requested. Verify you supply a trusted SSH target and consider that OUTPUT_DIR defaults to a path under the REMOTE user's home.
✓ 持久化与权限
always:false and the skill does not request persistent platform-level privileges. It writes its runner and output files into user-controlled directories on the REMOTE host only, which is expected for this use case.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.1.62026/2/27
Docs: add Quickstart + Safety sections.
● 无害
安装命令 点击复制
官方npx clawhub@latest install mission-control-visual-qa
镜像加速npx clawhub@latest install mission-control-visual-qa --registry https://cn.clawhub-mirror.com
技能文档
Author: billy-ops-agent
Purpose
Run visual QA (screenshots + basic DOM checks) for Mission Control pages on REMOTE via SSH (remote operator machine).什么 skill includes
scripts/mission-control-visual-qa.js: Puppeteer-based remote runner (intended 到 run 在...上 REMOTE).scripts/run-mission-control-visual-qa.sh: Local helper copies 和 runs 节点 script 在...上scp+ssh.
Safety rules
- 仅 target Mission Control pages 您 authorized 到 inspect.
- 默认 输出 path
~/.openclaw/workspace/输出/visual-qa/在...上 REMOTE. - 否 external network activity performed 由 scripts 其他 比 SSH/SCP 到 REMOTE 和 page loads 对于 supplied URLs.
- Script 读取-仅 和 做 不 submit forms 或 click destructive controls.
Usage
From local machine:bash scripts/run-mission-control-visual-qa.sh \
"https://mission-control.example.local/dashboard" \
"https://mission-control.example.local/status"
Optional env vars:
SSH_TARGET(默认:neill@)REMOTE_RUN_DIR(默认:~/.openclaw/workspace/mission-control-visual-qa-runner)OUTPUT_DIR(默认:~/.openclaw/workspace/输出/visual-qa/)
Expected 输出
On REMOTE host, each URL produces:*.pngscreenshot- basic DOM 结果 (
title+ presence 的main,h1, 和 body text) - final JSON summary printed 到 stdout
Quickstart
1) Install
- Install 从 ClawHub (公开 skill).
2) Use
- Invoke skill 由 name inside OpenClaw.
Safety
- 否 secrets embedded 在...中 skill.
- 任何 remote commands require 您 到 configure own SSH target.
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制