Latest release: v0.1.5Download zip
Capabilities
Compatibility
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description describe letting an agent use the user's real browser session. The bundled JS implements an MCP bridge that spawns an 'omb' CLI and forwards JSON-RPC tool calls — exactly what the README says. No unrelated cloud credentials or unrelated binaries are requested.
Instruction Scope
SKILL.md instructs installing an external omb CLI and Chrome extension that give the agent access to authenticated pages, can run arbitrary JS in pages, click/fill forms, screenshot, and extract page content. Those instructions deliberately expand the agent's surface (access to cookies, logins, internal sites). The plugin runs only the omb subprocess and does not itself read unrelated local files, but the tools exposed permit actions (evaluate JS, intercept network) that can exfiltrate sensitive data from your browser session.
Install Mechanism
There is no packaged install spec in the registry, but the README/INSTALL recommends executing a remote installer via 'curl -fsSL https://api.omb.org.cn/install | bash' (and PowerShell equivalent). Piping an install script from an external / unknown domain to a shell is high risk: arbitrary code will be fetched and run. The Chrome extension and CLI are also downloaded from omb.org.cn/api hosts (not GitHub/releases), increasing trust/verification burden.
Credentials
The plugin itself declares no required environment variables or credentials. The runtime code will honor OMB_PATH if set and checks ~/.omb/omb and PATH for the omb binary. That is proportionate. However, the overall capability (using your real browser session) implicitly requires granting the extension access to cookies and logged-in sites — a sensitive privilege that is consistent with the stated purpose but must be considered sensitive.
Persistence & Privilege
The skill does not set always:true, but it allows autonomous invocation (default). Autonomous invocation combined with the ability to control your real, logged-in browser (run JS, click, intercept) materially increases blast radius: the agent could perform actions in your authenticated sessions without further prompts. The plugin will create/use an authDir under the agent directory (~/.omb fallback) but does not modify other plugins.
What to consider before installing
This plugin appears to be what it claims (a bridge to an 'omb' CLI + Chrome extension) but it elevates privileges: the agent can access pages that rely on your browser cookies/logins and run JavaScript in them. Important considerations before installing:
- Do not run curl | bash (or PowerShell irm) on an unknown domain without inspecting the script. Download and review the installer first, ideally from a verifiable source (GitHub release or signed binary).
- The Chrome extension will be able to read and act on pages where you're logged in (email, Notion, internal tools). If you proceed, consider using a dedicated browser profile or a secondary browser instance with only the accounts you want the agent to access.
- Verify the CLI and extension source code and publisher (omb.org.cn / api.omb.org.cn) and prefer official release artifacts (signed releases, GitHub repo, checksums). The package in the registry bundles a bridge that spawns a subprocess and uses your home directory (~/.omb/omb) — check what that binary does.
- Because the agent can be invoked autonomously, decide whether to allow the skill to run without manual approval. If you keep autonomous invocation, restrict which agents or tasks can call it.
- If you have sensitive sessions (work email, banking, SSO), avoid granting the extension access to those accounts or use an isolated environment.
If you want to proceed, first inspect the remote install script and the omb CLI/extension sources, and consider installing manually rather than piping remote content into a shell.dist/index.js:20
Shell command execution detected (child_process).
dist/index.js:15
Environment variable access combined with network send.
dist/openclaw.plugin.json:410
Install source points to URL shortener or raw IP.
openclaw.plugin.json:410
Install source points to URL shortener or raw IP.
dist/index.js:4
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Verification
Tags
oh-my-browser
Let your AI Agent use your real browser to search and interact with the web -- with your logins, cookies, and locale intact.
Features
- Authenticated Web Access -- Agent uses your browser session to access login-required pages (Gmail, Notion, internal tools, etc.)
- Multi-Engine Search -- Search via Google, Baidu, Sogou, or your browser's session for personalized results
- Page Reading -- Extract clean content from any webpage, with format options (markdown, text, HTML)
- Browser Automation -- Click, fill, scroll, screenshot, run JS -- full browser interaction via your real Chrome
- Element Discovery -- Find interactive elements by label, type, or region before interacting
- Accessibility Snapshots -- Stable element refs for SPA/dynamic pages where CSS selectors break
- Zero Config -- No API keys to configure. Install, authorize, and go.
How It Works
Agent --> oh-my-browser plugin --> omb CLI (subprocess) --> API --> your Chrome extension
The plugin spawns an omb CLI subprocess and communicates via MCP (stdio JSON-RPC). All browser operations execute through the Oh My Browser Chrome extension in your real browser.
Installation
One-line install (recommended)
# macOS / Linux
curl -fsSL https://api.omb.org.cn/install | bash
# Windows (PowerShell)
irm https://api.omb.org.cn/install | iex
The install script will interactively guide you through:
- Download omb CLI -- the command-line tool
- Login -- opens your browser for authorization
- Install OpenClaw plugin -- auto-detects OpenClaw instances
- Download Chrome extension -- the bridge between Agent and your browser
Or install plugin only
openclaw plugins install oh-my-browser
If omb CLI is not yet installed, run the one-line install above to set it up.
Login
If you skipped login during installation, or your session expired:
omb login
This opens your browser for authorization. In an OpenClaw Agent session, the Agent will guide you through authorization automatically.
Then restart the gateway:
openclaw gateway restart
Tools
| Tool | Description |
|---|---|
omb_search | Search the web (auto, browser session, or specific engine: google/baidu/sogou) |
omb_read | Read a webpage and extract content (supports authenticated pages) |
omb_action | Browser interaction: click, fill, scroll, screenshot, evaluate JS, and more |
omb_map | Discover interactive elements on a page (filter by label, type, region) |
omb_snapshot | Accessibility snapshot with stable element refs (@1, @2...) |
omb_guide | Load detailed usage guides for each tool |
omb_report | Report page extraction quality issues |
Usage Examples
Search the web
omb_search({ query: "OpenClaw plugins", max_results: 5 })
Read a login-required page
omb_read({ url: "https://notion.so/my-private-page" })
Interact with a page
// 1. Read the page
omb_read({ url: "https://example.com" })
// 2. Find elements
omb_map({ tabId: 123, label: "Search", types: ["input"] })
// 3. Fill and submit
omb_action({ action: "fill", tabId: 123, selector: "#search-input", value: "hello" })
omb_action({ action: "keypress", tabId: 123, key: "Enter" })
Take a screenshot
omb_action({ action: "screenshot", tabId: 123, annotate: true })
Troubleshooting
| Error | Cause | Solution |
|---|---|---|
Could not find omb binary | omb CLI not installed | Run curl -fsSL https://api.omb.org.cn/install | bash |
fetch failed | Browser not running or extension disconnected | Open Chrome, check extension shows "Connected" |
AUTH_SESSION_MISSING | Not authorized | Run omb login to authorize |
omb process exited | omb CLI crashed | Check ~/.omb/omb exists; reinstall if needed |
Requirements
- omb CLI -- installed via the install script above
- Chrome with the Oh My Browser extension installed and running
- Node.js 18+ (for the plugin runtime)
Architecture
Agent --> oh-my-browser plugin --> omb --mcp (subprocess) --> API --> Chrome extension
The plugin itself doesn't call APIs directly. It spawns an omb subprocess and forwards all tool calls via the MCP (stdio JSON-RPC) protocol.
License
MIT