mng-api-browser_skill

This skill helps you operate Kuroco mng_api from a browser, enabling discovery, execution, and schema access with authenticated fetch.

1

GitHub Stars

2

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill diverta/kuroco-skills --skill mng-api-browser

  • metadata.json104 B
  • SKILL.md25.9 KB

Overview

This skill enables executing Kuroco management API (mng_api) from the browser using the claude-in-chrome MCP tool. It runs fetch() calls authenticated by the browser session cookie, and also supports guided browser automation of the admin UI when API calls are insufficient. The skill focuses on safe, efficient discovery and execution of management APIs and on managing sessions and permissions.

How this skill works

The skill finds a logged-in Kuroco management tab (*.g.kuroco-mng.app) and uses the browser's session cookies with javascript_tool fetch() calls (credentials: 'include') to call mng_api modes: whoami, discover, schema, and execute. It recommends reading llms.txt first to map site structure, uses discover/schema to list models and fields, and uses columns/cnt parameters to limit response size. For GUI-only tasks, it automates navigation and form interaction via MCP navigation and form tools.

When to use it

  • You need to list available management models and methods programmatically (discover).
  • You want to verify the logged-in user and permissions before making API changes (whoami).
  • You need to fetch schema or specific fields for a controller/service (schema).
  • You must create/update/delete content or members from the admin session (execute with POST).
  • You must perform UI-only actions like file upload or preview that require browser automation.

Best practices

  • Always run the authentication check (MODE=whoami) before any API operation.
  • Start with llms.txt to understand site-wide modules and parameter specs.
  • Use credentials: 'include' on all fetch() calls and never extract or log cookie values.
  • Limit responses with cnt and columns to avoid large payloads and javascript_tool blocking.
  • Ask user confirmation before any mutation (insert/update/delete) and report partial failures.

Example use cases

  • Discover all available mng_api models and list their HTTP methods programmatically.
  • Read llms.txt to obtain site map and then fetch a Topics list with columns=topics_id,subject.
  • Create a new article via POST to mng_api (model=Topics, method=insert) after confirming with the user.
  • Open the admin UI to upload files or change GUI-only settings using navigate + form_input + get_page_text.
  • Inspect a model schema (MODE=schema) to build a form for automated content creation.

FAQ

Authentication uses the browser session cookie; fetch() calls run with credentials: 'include' so no token extraction is required.

What if I get 401 or 403 during an operation?

Stop the operation, inform the user to re-login at {base_url}/management/login/login/, then re-run the whoami check and resume after successful auth.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational