browser-automation_skill

This skill helps you perform secure browser automation by enforcing domain allowlists, credential protection, and audit logging during automated browsing.
  • Shell

25

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill martinholovsky/claude-skills-generator --skill browser-automation

  • SKILL.md13.9 KB

Overview

This skill provides expert browser automation using Chrome DevTools Protocol and WebDriver with a security-first posture. It focuses on secure web automation, test-driven development (TDD), performance optimization, and strict credential and domain protections. The implementation emphasizes audit logging, rate limiting, and safe defaults for scraping and testing workflows.

How this skill works

The automation validates every URL against domain allowlists and blocked patterns before navigation, intercepts and filters network requests, and applies resource blocking to speed runs. It exposes primitives for secure navigation, safe element interaction (blocking password fields), rate limiting, and session management with isolated browser contexts and cleanup. Auditing hooks log actions while redacting sensitive values.

When to use it

  • Automated testing where domains and credentials must be tightly controlled
  • Web scraping tasks that require high performance while avoiding tracking and sensitive sites
  • Reusable browsing sessions for parallel tests or large-scale scraping with context reuse
  • Security-sensitive automation workflows requiring audit trails and rate limits
  • Prototyping interactions that must never expose or store user credentials

Best practices

  • Start with failing tests (TDD) that assert security and rate limits before implementation
  • Enforce a domain allowlist and explicit URL validation for every navigation
  • Never store or log raw credentials; redact sensitive data in audit logs
  • Reuse browser contexts for performance and create fresh contexts per test for isolation
  • Block images, fonts, analytics, and other unnecessary resources to speed execution
  • Apply rate limiting and timeouts on all operations and fail fast on suspicious access

Example use cases

  • CI test suites using pytest-playwright that must block banking and login pages
  • Scraping public product pages in parallel while blocking analytics and heavy assets
  • Running security-focused smoke tests that assert password fields are never filled
  • Automated data collection with auditable navigation records compliant with policy
  • Shared browser session patterns for endpoint testing with per-test context isolation

FAQ

It blocks interactions with password fields, never stores credentials in code or logs, redacts sensitive values, and isolates sessions with context cleanup.

Can I whitelist multiple subdomains?

Yes. URL validation supports exact matches and subdomain checks so allowlists can include base domains and subdomain patterns.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
browser-automation skill by martinholovsky/claude-skills-generator | VeilStrat