chrome-cdp
Interact with local Chrome browser session (only on explicit user approval after being asked to inspect, debug, or interact with a page open in Chrome)
How do I install this agent skill?
npx skills add https://github.com/pasky/chrome-cdp-skill --skill chrome-cdpIs this agent skill safe to install?
- Gen Agent Trust Hubpass
This skill provides a lightweight utility to interact with a local Chrome browser using the DevTools Protocol. It allows the agent to list tabs, take screenshots, evaluate JavaScript, and control the browser through actions like clicking, typing, and navigating. It uses a local daemon for persistent connections and includes security best practices such as restricted file permissions and protocol validation.
- Socketpass
No alerts
- Snykwarn
Risk: MEDIUM · 1 issue
- Runlayerwarn
3/3 files flagged
- ZeroLeakspass
Score: 93/100 · 2 sections analyzed
What does this agent skill do?
Chrome CDP
Lightweight Chrome DevTools Protocol CLI. Connects directly via WebSocket — no Puppeteer, works with 100+ tabs, instant connection.
Prerequisites
- Chrome (or Chromium, Brave, Edge, Vivaldi) with remote debugging enabled: open
chrome://inspect/#remote-debuggingand toggle the switch - Node.js 22+ (uses built-in WebSocket)
- If your browser's
DevToolsActivePortis in a non-standard location, setCDP_PORT_FILEto its full path
Commands
All commands use scripts/cdp.mjs. The <target> is a unique targetId prefix from list; copy the full prefix shown in the list output (for example 6BE827FA). The CLI rejects ambiguous prefixes.
List open pages
scripts/cdp.mjs list
Take a screenshot
scripts/cdp.mjs shot <target> [file] # default: screenshot-<target>.png in runtime dir
Captures the viewport only. Scroll first with eval if you need content below the fold. Output includes the page's DPR and coordinate conversion hint (see Coordinates below).
Accessibility tree snapshot
scripts/cdp.mjs snap <target>
Evaluate JavaScript
scripts/cdp.mjs eval <target> <expr>
Watch out: avoid index-based selection (
querySelectorAll(...)[i]) across multipleevalcalls when the DOM can change between them (e.g. after clicking Ignore, card indices shift). Collect all data in oneevalor use stable selectors.
Other commands
scripts/cdp.mjs html <target> [selector] # full page or element HTML
scripts/cdp.mjs nav <target> <url> # navigate and wait for load
scripts/cdp.mjs net <target> # resource timing entries
scripts/cdp.mjs click <target> <selector> # click element by CSS selector
scripts/cdp.mjs clickxy <target> <x> <y> # click at CSS pixel coords
scripts/cdp.mjs type <target> <text> # Input.insertText at current focus; works in cross-origin iframes unlike eval
scripts/cdp.mjs loadall <target> <selector> [ms] # click "load more" until gone (default 1500ms between clicks)
scripts/cdp.mjs evalraw <target> <method> [json] # raw CDP command passthrough
scripts/cdp.mjs open [url] # open new tab (each triggers Allow prompt)
scripts/cdp.mjs stop [target] # stop daemon(s)
Coordinates
shot saves an image at native resolution: image pixels = CSS pixels × DPR. CDP Input events (clickxy etc.) take CSS pixels.
CSS px = screenshot image px / DPR
shot prints the DPR for the current page. Typical Retina (DPR=2): divide screenshot coords by 2.
Tips
- Prefer
snap --compactoverhtmlfor page structure. - Use
type(not eval) to enter text in cross-origin iframes —click/clickxyto focus first, thentype. - Chrome shows an "Allow debugging" modal once per tab on first access. A background daemon keeps the session alive so subsequent commands need no further approval. Daemons auto-exit after 20 minutes of inactivity.
How can the creator link this skill?
Add the canonical catalog link to the repository README so users can inspect current installs and available audits. The publishing guide covers the complete discovery path.
<a href="https://skillzs.dev/skills/pasky/chrome-cdp-skill/chrome-cdp">View chrome-cdp on skillZs</a>