- Home
- Skills
- Diverta
- Kuroco Skills
- Admin Api Browser
admin-api-browser_skill
1
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill diverta/kuroco-skills --skill admin-api-browser- metadata.json104 B
- SKILL.md26.0 KB
Overview
This skill lets you operate Kuroco's admin_api from a browser session using the claude-in-chrome MCP tools. It uses the browser session cookie for authentication and executes admin_api endpoints via fetch() in the page context, enabling structured reads and safe writes against the management API. The skill provides discovery, schema inspection, AI-driven advice, and execution patterns for reliable automation.
How this skill works
The skill runs lightweight fetch() calls from the browser via the javascript_tool with credentials: 'include', so the HttpOnly session cookie is automatically sent. It follows a strict flow: verify authentication (whoami), read /llms.txt for site structure, fetch module details for field names, optionally fetch schema for write operations, then execute APIs (GET/POST) with mt/ct parameters. For UI-only tasks (file upload, preview), it falls back to browser automation tools (navigate, form input, read page).
When to use it
- When you need structured data retrieval or filtering from the Kuroco management API instead of clicking through the UI
- When creating, updating, or deleting content and you must know exact field names and required fields
- When you need to discover modules/controllers and API usage from the logged-in user perspective
- When an AI-guided sequence of API calls is helpful (advise mode) to implement a complex change
- When UI-only operations are required (file upload, preview) and API cannot handle them
Best practices
- Always run MODE=whoami first to confirm authentication and permissions
- Read /llms.txt, then module detail (/direct/rcms_api/llms/?mt=...) to get exact field names before calling APIs
- For write operations, fetch MODE=schema with topics_group_id when applicable to get JSON Schema and required fields
- Use mt/ct format (not model/method) and include credentials: 'include' on every fetch
- Always ask the user to confirm insert/update/delete actions before executing
Example use cases
- List latest articles with specific columns: GET topics_list with columns=topics_id,subject,ymd and cnt=10
- Create a new topic: fetch MODE=INSERT to topics_edit_api after reading schema to populate ext_col fields correctly
- Discover available controllers for a module when mt/ct is unknown using /llms.txt then module detail
- Ask advise mode to generate a sequence of API calls for bulk member registration or Topics creation
- Automate file upload or preview via browser navigation and form_input when the API cannot perform the task
FAQ
No. The skill executes fetch() in the browser context with credentials: 'include', so the HttpOnly session cookie is sent automatically. Do not attempt to read or log cookie values.
What if I see a 401 or 403?
Stop operations, notify the user to re-login at the management login URL, then re-run MODE=whoami after the user authenticates.
When is schema required?
Always for write operations. Fetch MODE=schema and include topics_group_id when dealing with content definitions that use ext_col or block editors to discover required fields and types.
When should I use browser automation instead of API calls?
Only for actions the API cannot perform: file uploads, GUI previews, or UI-only configuration changes. For data retrieval and CRUD, prefer admin_api.