develop-userscripts

oleh xixu-me

Gunakan saat membangun, men-debug, memaketkan, atau menerbitkan userscript peramban untuk Tampermonkey atau ScriptCat, termasuk API GM, blok metadata, masalah izin, pengaturan @match/@grant/@connect, skrip latar belakang atau terjadwal ScriptCat, blok UserConfig, atau alur kerja langganan.

npx skills add https://github.com/xixu-me/skills --skill develop-userscripts
Unduh ZIPGitHub

Userscript work usually breaks at the runtime and metadata boundary, not in the page logic. Choose the runtime first, declare the minimum permissions up front, then debug in the environment where the script actually runs.

When to Use

Use this skill for:

  • writing or fixing a Tampermonkey or ScriptCat userscript
  • debugging injection timing, missing permissions, CSP workarounds, update checks, or GM_* behavior
  • deciding between a portable foreground script and ScriptCat-only @background or @crontab
  • adding config UI with ==UserConfig==
  • packaging a ScriptCat ==UserSubscribe== bundle or preparing a CloudCat-compatible script

Do not use this skill for full browser extension development or general browser automation outside userscript managers.

Runtime Selection

digraph userscript_runtime {
    "Need page DOM or page context?" [shape=diamond];
    "Need persistent or scheduled work?" [shape=diamond];
    "Need to install many scripts as one package?" [shape=diamond];
    "Portable foreground script" [shape=box];
    "ScriptCat background or crontab script" [shape=box];
    "ScriptCat subscription package" [shape=box];

    "Need page DOM or page context?" -> "Portable foreground script" [label="yes"];
    "Need page DOM or page context?" -> "Need persistent or scheduled work?" [label="no"];
    "Need persistent or scheduled work?" -> "ScriptCat background or crontab script" [label="yes"];
    "Need persistent or scheduled work?" -> "Need to install many scripts as one package?" [label="no"];
    "Need to install many scripts as one package?" -> "ScriptCat subscription package" [label="yes"];
    "Need to install many scripts as one package?" -> "Portable foreground script" [label="no"];
}

Preflight

  • Confirm the manager and browser. On Manifest V3 browsers, ScriptCat may require Allow User Scripts or browser developer mode before scripts run.
  • Decide page script versus background script before writing code. ScriptCat background scripts cannot touch the DOM.
  • Start with metadata, not implementation: @match, @grant, @connect, @run-at, and any update URLs.
  • Prefer portable ==UserScript== patterns for ordinary page scripts. Only switch to ScriptCat-only headers when the requested behavior actually needs them.

Workflow

  1. Choose the runtime and metadata first.
  2. Declare the smallest permission surface that fits the task.
  3. Implement against the runtime you chose.
  4. Debug where the code really runs.
    • Foreground scripts: page console plus manager logs.
    • ScriptCat background scripts: run log first, then background.html for real-environment debugging.
  5. Publish with the right update model.
    • Normal scripts: keep @version accurate and add @updateURL or @downloadURL only when needed.
    • Subscription bundles: use ==UserSubscribe==, HTTPS URLs, and subscription-level @connect.

Quick Reference

IntentDefault choiceWatch for
Page UI, DOM scraping, page patchingPortable ==UserScript==@match, @grant, @run-at, CSP-sensitive injection
Cross-origin API accessGM_xmlhttpRequest with explicit @connectMissing hosts, cookie behavior differences, user authorization
Long-running workerScriptCat @backgroundNo DOM, must return Promise for async work
Scheduled taskScriptCat @crontabOnly first @crontab counts, prefer 5-field cron, avoid interval overlap
User-editable settings==UserConfig== plus GM_getValueBlock placement and group.key naming
Silent bundle install and updates==UserSubscribe==HTTPS, user.sub.js, subscription connect overrides child scripts

Common Mistakes

  • Missing @grant for APIs the script actually uses.
  • Missing @connect for hosts used by GM_xmlhttpRequest or GM_cookie.
  • Treating @include as a better default than @match for ordinary host targeting.
  • Using DOM APIs inside ScriptCat background or cron scripts.
  • Returning from a ScriptCat background script before async GM work is truly finished.
  • Mixing ==UserScript== and ==UserSubscribe== packaging concepts.
  • Putting ==UserConfig== in the wrong place or reading config keys without the group.key name.
  • Assuming Tampermonkey and ScriptCat storage, notification, or request behavior is identical.

References

Lebih banyak skill dari xixu-me

github-actions-docs
xixu-me
Gunakan saat pengguna bertanya cara menulis, menjelaskan, menyesuaikan, memigrasikan, mengamankan, atau memecahkan masalah alur kerja GitHub Actions, sintaks alur kerja, pemicu, matriks, runner, alur kerja yang dapat digunakan kembali, artefak, caching, rahasia, OIDC, penerapan, tindakan kustom, atau Actions Runner Controller, terutama saat mereka membutuhkan dokumentasi resmi GitHub, tautan yang tepat, atau panduan YAML yang didasarkan pada dokumentasi.
developmentdevopsdocument
use-my-browser
xixu-me
Gunakan ketika pekerjaan bergantung pada sesi browser langsung pengguna atau status render yang terlihat, bukan pengambilan statis, terutama untuk konteks debugging browser atau elemen atau permintaan yang dipilih melalui DevTools, dasbor yang sudah login atau alur CMS, aplikasi localhost, formulir, unggahan, unduhan, inspeksi media, inspeksi DOM atau iframe, Shadow DOM, atau kegagalan browser yang tampak seperti soft 404, dinding autentikasi, pemeriksaan anti-bot, atau batas kecepatan.
browser-automationweb-scrapingtesting
readme-i18n
xixu-me
Gunakan saat pengguna ingin menerjemahkan README repositori, membuat repositori multibahasa, melokalkan dokumen, menambahkan pengalih bahasa, menginternasionalkan README, atau memperbarui varian README yang telah dilokalkan di repositori bergaya GitHub.
documentdevelopmentapi
openclaw-secure-linux-cloud
xixu-me
Gunakan saat menghosting sendiri OpenClaw di server cloud, memperkuat gateway OpenClaw jarak jauh, memilih antara tunneling SSH, Tailscale, atau paparan reverse-proxy, atau meninjau Podman, pemasangan, sandboxing, autentikasi token, dan default izin alat untuk penyebaran pribadi yang aman.
devopssecurity
secure-linux-web-hosting
xixu-me
Gunakan saat menyiapkan, memperkuat, atau meninjau server cloud untuk hosting mandiri, termasuk DNS, SSH, firewall, Nginx, hosting situs statis, reverse-proxy aplikasi, HTTPS dengan Let's Encrypt atau klien ACME, pengalihan HTTP-ke-HTTPS yang aman, atau penyesuaian jaringan pasca-peluncuran opsional seperti BBR.
devopssecurityaws
opensource-guide-coach
xixu-me
Gunakan ketika pengguna ingin panduan tentang memulai, berkontribusi, mengembangkan, mengelola, mendanai, mengamankan, atau mempertahankan proyek sumber terbuka, atau bertanya tentang orientasi kontributor, kesehatan komunitas, kelelahan pengelola, kode etik, metrik, dasar-dasar hukum, atau adopsi proyek sumber terbuka.
developmentresearch
running-claude-code-via-litellm-copilot
xixu-me
Gunakan saat merutekan Claude Code melalui proxy LiteLLM lokal ke GitHub Copilot, mengurangi pengeluaran langsung ke Anthropic, mengonfigurasi override ANTHROPIC_BASE_URL atau ANTHROPIC_MODEL, atau memecahkan masalah kegagalan pengaturan proxy Copilot seperti model-not-found, tidak ada lalu lintas localhost, atau kesalahan otentikasi GitHub 401/403.
developmentapidevops
skills-cli
xixu-me
Use when users ask to discover, install, list, check, update, remove, back up, restore, sync, or initialize Agent Skills, mention `bunx skills`, `npx skills`, `skills.sh`, or `skills-lock.json`, ask "find a skill for X", or want help extending agent capabilities with installable skills.
developmentapiproductivity