use-my-browser

par xixu-me

À utiliser lorsque le travail dépend de la session de navigateur en direct de l'utilisateur ou de l'état rendu visible plutôt que de récupérations statiques, en particulier pour les contextes de débogage de navigateur ou les éléments ou requêtes sélectionnés via DevTools, les tableaux de bord connectés ou les flux CMS, les applications localhost, les formulaires, les téléversements, les téléchargements, l'inspection des médias, l'inspection DOM ou iframe, le Shadow DOM, ou les échecs de navigateur ressemblant à des soft 404, des murs d'authentification, des vérifications anti-bot ou des limites de débit.

npx skills add https://github.com/xixu-me/skills --skill use-my-browser
Télécharger ZIPGitHub

Do not treat this skill as a generic browsing default. Route from the evidence you need, not from tool preference.

Every task must be classified before you choose a route:

  • static-capable: the evidence can be produced without live browser state, visible confirmation, or page interaction
  • browser-required: the evidence depends on rendered state, interaction, live session behavior, or browser-only structures

Only static-capable tasks may fall back to static retrieval, curl, or other non-browser paths. Once a task is browser-required, stay on the browser path and mark missing capability as blocked instead of silently downgrading.

Prerequisite check

This skill is for work inside the user's live browser session, not for launching a separate fresh automation browser.

Before doing browser automation, confirm that your environment already has access to a live browser stack that can provide the capabilities the task depends on, such as page inventory, task-owned page creation, page selection, snapshots or visible-state reads, DOM inspection, text or form input, uploads, dialogs, console inspection, and network inspection. The exact stack does not matter here: confirm capability, not brand.

If the live browser stack is unavailable, do not attempt browser automation through this skill. Only static-capable work may fall back to static retrieval.

Live browser automation can trigger anti-bot or anti-automation defenses on some sites. Use browser interaction only when the task truly needs it, and avoid unnecessary repetitive actions once the needed evidence has been obtained.

Experience loop

Treat site patterns as part of the browser protocol, not as optional background reading.

For browser-required work, run this loop:

  1. As soon as the target domain is known, check whether a matching note already exists under references/site-patterns/.
  2. If a note exists, read it before the first meaningful browser mutation on that domain.
  3. During the run, watch for verified site-specific facts that would change how a future run should operate.
  4. Before you consider the task complete, decide whether the run produced a reusable fact, disproved an existing fact, or produced no reusable site-specific learning.
  5. If the run verified something reusable or disproved an existing claim, update the matching note before finishing.

Do not create a domain note for one-off noise. Do not skip the end-of-run review just because the task itself succeeded.

Writeback is expected when a run verifies any of the following:

  • a stable route shape or required query parameter
  • a login, session inheritance, or isolatedContext quirk
  • a reliable interaction primitive such as hover, keyboard entry, upload sequencing, or a selector bridge pattern
  • a domain where DOM-generated links are reliable but hand-built URLs are not
  • predictable anti-automation friction or a misleading platform error state
  • a reusable media extraction or iframe / Shadow DOM access pattern

Decision guide

Start with the outcome, not the tool. Make the user's goal explicit, define what counts as done, and choose the cheapest route that can still produce the right evidence.

Use this routing order:

  1. Decide whether the task is static-capable or browser-required.
  2. If the task is static-capable, load references/task-routing.md and stay on the cheapest route that still satisfies the evidence target.
  3. If the task is browser-required, load references/browser-playbook.md.
  4. If browser-required capability is uncertain in a fresh host session, also load references/browser-capability-matrix.md.
  5. If the user already has an active browser debugging context, such as a selected inspector element or network request, also load references/debug-handoff.md.
  6. If the browser-required task touches a logged-in dashboard, admin surface, CMS, editor, or any save / publish / update flow, also load references/control-plane-workflows.md.
  7. If the current failure shape suggests a soft 404, content-unavailable state, suspicious no-op interaction, auth wall, rate limit, or anti-automation defense, also load references/anti-automation-friction.md.
  8. If the browser-required task includes iframe, Shadow DOM, collapsed content, or lazy-loaded evidence, also load references/deep-dom.md.
  9. If the important evidence lives in an image, audio clip, or video, also load references/media-inspection.md.
  10. If browser work can be divided across independent page owners or sub-agents, also load references/parallel-browser-ownership.md.
  11. If you already know a reliable selector but need an MCP-native uid target, also load references/selector-bridge.md.
  12. If page actions leave state ambiguous, a page unexpectedly navigates, an old uid may have gone stale, or console / network inspection is now needed to explain the next browser decision, also load references/browser-recovery.md.
  13. If the target site already has a matching domain note under references/site-patterns/, read that note before operating on the site.

Treat the following as browser-required by default:

  • localhost, 127.0.0.1, or benchmark-style local fixtures
  • uploads, downloads, drag-and-drop, hover, keyboard-native entry, or visible confirmation states
  • same-origin iframe inspection, Shadow DOM inspection, details / collapsed evidence, or lazy-loaded content
  • any task where "what the page visibly shows" is itself the evidence

The normal happy path for a common task is this entrypoint plus one or two references, not the entire reference set.

Hard rules

  • Use browser interaction only when live browser state is part of the evidence or required action.
  • Once a task is browser-required, do not silently downgrade.
  • Treat this file as the entrypoint and each reference file as a single-purpose authority. Do not duplicate rules across files.
  • Keep reference loading one level deep. Decide the next file from this entrypoint instead of turning one reference into a hub that links to more references.
  • Do not ask the user to log in just because a page looks restricted. First confirm whether the target content or action is actually blocked.
  • Prefer site-generated DOM links over hand-built URLs once the page has shown you the path it expects.
  • Prefer MCP-native actions over script-driven interaction when the task is genuinely an in-browser action.
  • Only close pages you created.
  • Prefer primary sources over aggregators or repeated secondary reporting.
  • If a matching site pattern note exists, read it before the first meaningful browser mutation on that domain.
  • Do not finish a browser-required task without explicitly checking whether the run should create, update, downgrade, or remove a site-pattern claim.
  • If an existing site-pattern claim fails under comparable conditions, stop trusting it, fall back to the generic workflow, and update the note instead of retrying the stale assumption.
  • Do not use curl, Invoke-WebRequest, or shell HTTP fetches for browser-required tasks.
  • Do not treat a generic page-opening tool as evidence that localhost deep interaction is available.
  • Do not switch routes just because a browser capability probe failed. Record the missing capability and stop.
  • When the user indicates an active browser debugging context, prefer handoff from that current context over fresh reproduction from scratch.

Reference index

Plus de skills de xixu-me

github-actions-docs
xixu-me
Utiliser lorsque les utilisateurs demandent comment écrire, expliquer, personnaliser, migrer, sécuriser ou résoudre des problèmes liés aux workflows GitHub Actions, à la syntaxe des workflows, aux déclencheurs, aux matrices, aux runners, aux workflows réutilisables, aux artefacts, à la mise en cache, aux secrets, à OIDC, aux déploiements, aux actions personnalisées ou à Actions Runner Controller, en particulier lorsqu'ils ont besoin de la documentation officielle de GitHub, de liens exacts ou de conseils YAML basés sur la documentation.
developmentdevopsdocument
readme-i18n
xixu-me
Utiliser lorsque l'utilisateur souhaite traduire un README de dépôt, rendre un dépôt multilingue, localiser de la documentation, ajouter un sélecteur de langue, internationaliser le README, ou mettre à jour des variantes localisées du README dans un dépôt de type GitHub.
documentdevelopmentapi
openclaw-secure-linux-cloud
xixu-me
Utiliser lors de l'auto-hébergement d'OpenClaw sur un serveur cloud, du durcissement d'une passerelle OpenClaw distante, du choix entre le tunneling SSH, Tailscale ou l'exposition par proxy inverse, ou de l'examen des paramètres par défaut de Podman, de l'appairage, du sandboxing, de l'authentification par jeton et des permissions d'outils pour un déploiement personnel sécurisé.
devopssecurity
develop-userscripts
xixu-me
À utiliser lors de la construction, du débogage, du packaging ou de la publication de userscripts pour navigateur destinés à Tampermonkey ou ScriptCat, incluant les API GM, les blocs de métadonnées, les problèmes de permissions, la configuration @match/@grant/@connect, les scripts d’arrière-plan ou planifiés de ScriptCat, les blocs UserConfig, ou les workflows d’abonnement.
developmentbrowser-automationweb-scraping
secure-linux-web-hosting
xixu-me
À utiliser lors de la configuration, du durcissement ou de la révision d’un serveur cloud pour l’auto-hébergement, incluant DNS, SSH, pare-feu, Nginx, hébergement de site statique, proxy inverse d’une application, HTTPS avec Let’s Encrypt ou clients ACME, redirections sécurisées HTTP vers HTTPS, ou réglage réseau optionnel après lancement comme BBR.
devopssecurityaws
opensource-guide-coach
xixu-me
Utilisez lorsque l'utilisateur souhaite des conseils pour démarrer, contribuer, développer, gouverner, financer, sécuriser ou maintenir un projet open source, ou s'interroge sur l'intégration des contributeurs, la santé de la communauté, l'épuisement des mainteneurs, le code de conduite, les métriques, les bases juridiques ou l'adoption d'un projet open source.
developmentresearch
running-claude-code-via-litellm-copilot
xixu-me
Use when routing Claude Code through a local LiteLLM proxy to GitHub Copilot, reducing direct Anthropic spend, configuring ANTHROPIC_BASE_URL or ANTHROPIC_MODEL overrides, or troubleshooting Copilot proxy setup failures such as model-not-found, no localhost traffic, or GitHub 401/403 auth errors.
developmentapidevops
skills-cli
xixu-me
Use when users ask to discover, install, list, check, update, remove, back up, restore, sync, or initialize Agent Skills, mention `bunx skills`, `npx skills`, `skills.sh`, or `skills-lock.json`, ask "find a skill for X", or want help extending agent capabilities with installable skills.
developmentapiproductivity