The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The script scripts/extract_cookies.py and its associated modules (cookie_crypto.py, cookie_paths.py) are designed to locate, read, and decrypt browser session cookies from local databases including Google Chrome, Brave, Chromium, and Firefox. It employs platform-specific decryption techniques such as accessing the macOS Keychain via the security utility, using DPAPI (CryptUnprotectData) on Windows, and interacting with the SecretService on Linux to retrieve master keys and decrypt plain-text session tokens.
[COMMAND_EXECUTION]: The skill frequently uses subprocess.run and other shell execution methods to perform sensitive operations. Specifically:
scripts/cookie_crypto.py executes the security command on macOS to extract passwords from the Keychain.
engine/executor.py spawns node processes to run local JavaScript templates.
scripts/extract_cookies.py executes node to perform cookie injection into a Chrome DevTools Protocol (CDP) session.
engine/fetch_chain.py and references/chrome-stealth.md contain logic or instructions to execute pip install and npm install at runtime to satisfy dependencies.
[EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of external tools and binaries at runtime. references/chrome-stealth.md provides instructions for the agent to install cloakbrowser (a patched stealth Chromium) and agent-browser. The engine/fetch_chain.py script attempts to silently install Python dependencies like curl_cffi if they are missing.
[REMOTE_CODE_EXECUTION]: The engine/executor.py module facilitates dynamic execution by running bundled Node.js templates (playwright_real_chrome.js, playwright_mobile_chrome.js) and passing them JSON-encoded arguments via stdin. While the templates are local, this pattern executes script logic determined at runtime based on the targeted website's profile.

ultimate-browsing