Captcha Login Assistant — 验证码登录助手

Name: Captcha Login Assistant — 验证码登录助手
Author: leungBH

leungBH

Captcha Login Assistant — 验证码登录助手

v1.0.0

验证码登录助手工具。

0· 214·0 当前·0 累计

by @leungbh (leungBH)·MIT-0

智能体开发工具 AI模型访问代码生成

下载技能包

License

MIT-0

最后更新

2026/4/13

安全扫描

VirusTotal

可疑

查看报告

OpenClaw

可疑

medium confidence

The skill's instructions largely match its stated purpose (automating CAPTCHA-based logins), but it leaves out how credentials are supplied and contains operational details that make credential handling and automated bypass of CAPTCHA easy — this raises security and misuse concerns that you should understand before installing.

评估建议

Before installing, consider the following: - This skill automates login and CAPTCHA solving and will need account credentials and page access to work. Ask the publisher how credentials should be supplied securely (prefer runtime secure prompts or a dedicated secret store—do not paste passwords into the SKILL.md or chat history). - Automated CAPTCHA solving can be used to circumvent anti-abuse controls; ensure you have lawful, authorized use for any target system and that automation won't violat...

详细分析 ▾

ℹ 用途与能力

The name/description (automate CAPTCHA logins via Chrome DevTools MCP and AI vision) aligns with the SKILL.md actions (navigate, screenshot, run DOM scripts, submit). However, the skill assumes supply of account credentials and recognized CAPTCHA values without declaring how those secrets are provided or protected (no env vars, no secure input mechanism). That omission is notable because handling passwords is central to the stated purpose.

⚠ 指令范围

The runtime instructions instruct the agent to capture screenshots of login pages, perform DOM manipulation to insert usernames/passwords, and submit forms. These are exactly what the skill claims to do, but they also give a complete, automated recipe for programmatically bypassing CAPTCHA protections. The instructions suggest embedding credential values directly into evaluated scripts (placeholders 'your_username' / 'your_password') and capture screenshots that may contain sensitive data. There is no guidance on secure credential injection at runtime or safeguards against misuse, nor any requirement that screenshots be stored securely or immediately discarded.

✓ 安装机制

Instruction-only skill with no install spec and no code files — lowest disk-write risk. There are no downloaded artifacts or binaries requested.

ℹ 凭证需求

The skill requests no environment variables or credentials in registry metadata, yet its workflow requires account credentials and produces sensitive screenshots. The lack of declared primaryEnv or envVars is inconsistent with the practical needs of the described workflow and increases the chance implementers will embed secrets insecurely (inlined into scripts or chat prompts).

✓ 持久化与权限

always is false and the skill does not request system-level persistence or modify other skills. Model invocation is allowed (platform default) which means it could be called autonomously; combined with the nature of this skill, that increases abuse potential, but the skill itself does not request elevated platform privileges.

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv1.0.02026/3/15

Initial release of CAPTCHA Login Assistant. - Automates web login processes requiring CAPTCHA verification through Chrome DevTools MCP. - Captures login page screenshots, recognizes CAPTCHA codes using AI vision, and fills in credentials programmatically. - Supports rapid and consecutive login scenarios where CAPTCHA validity is short. - Provides troubleshooting steps and best practices for common CAPTCHA and login workflow issues. - Prioritizes security and privacy when handling sensitive data.

● 可疑

安装命令点击复制

官方npx clawhub@latest install captcha-login-assistant

镜像加速npx clawhub@latest install captcha-login-assistant --registry https://cn.clawhub-mirror.com

技能文档

# CAPTCHA 登录 Assistant

Overview

This skill automates the login process for web systems requiring CAPTCHA verification. It uses Chrome DevTools MCP to capture login page screenshots, employs AI vision to recognize CAPTCHA codes, automatically fills in account credentials and CAPTCHA, and completes the login operation.

Applicable Scenarios

Web system logins requiring CAPTCHA verification
登录 scenarios 带有 short CAPTCHA validity periods
Situations requiring rapid consecutive 登录 operations

Core Workflow

1. Preparation

Ensure the following tools are available:

Chrome DevTools MCP 服务
Target 登录 page URL
有效账户 credentials (username 和密码)

2. 登录 Steps

Step 1: 刷新 Page 到获取新的 CAPTCHA

``

javascript
// Navigate to login page and refresh
mcp_chrome-devtools-mcp_navigate_page({
  "type": "reload"
})

`



Step 2: Capture 登录 Page Screenshot

`

javascript
// Capture current page viewport
mcp_chrome-devtools-mcp_take_screenshot({
  "filePath": "path/to/login_screenshot.png"
})

`



Step 3: Recognize CAPTCHA
视图  CAPTCHA image 在...中  screenshot
CAPTCHA  usually located 到  right 的  "Enter CAPTCHA" 输入框 字段
Carefully identify CAPTCHA characters (note case sensitivity)

Step 4: Quickly Fill 表单

`

javascript
// Use JavaScript to fill all fields simultaneously
mcp_chrome-devtools-mcp_evaluate_script({
  "function": "() => {\n    const username = document.querySelector('input[name=\"username\"]');\n    const password = document.querySelector('input[name=\"password\"]');\n    const verifyCode = document.querySelector('input[name=\"verifyCode\"]');\n    \n    if (username) {\n      username.value = 'your_username';\n      username.dispatchEvent(new Event('input', { bubbles: true }));\n    }\n    if (password) {\n      password.value = 'your_password';\n      password.dispatchEvent(new Event('input', { bubbles: true }));\n    }\n    if (verifyCode) {\n      verifyCode.value = 'recognized_captcha';\n      verifyCode.dispatchEvent(new Event('input', { bubbles: true }));\n    }\n    return 'filled';\n  }"
})

`



Step 5: Click 登录 按钮

`

javascript
// Click login button
mcp_chrome-devtools-mcp_evaluate_script({
  "function": "() => {\n    const loginBtn = document.querySelector('button[type=\"submit\"]') || document.querySelector('button');\n    if (loginBtn) {\n      loginBtn.click();\n      return 'login_clicked';\n    }\n    return 'button_not_found';\n  }"
})

`



Step 6: 验证 登录 结果

`

javascript
// Wait for post-login page elements
mcp_chrome-devtools-mcp_wait_for({
  "text": ["Home", "Dashboard", "System", "Logout"],
  "timeout": 5000
})

`



键 Insights

CAPTCHA Recognition Tips

清除 Screenshot - Ensure CAPTCHA image  clearly visible 在...内 screenshot bounds
时间 Sensitivity - CAPTCHA typically 有 short validity (1-3 seconds), fill immediately 之后 recognition
Careful Identification - Distinguish similar characters (e.g., 0 vs O, 1 vs l, 5 vs S)
Case Sensitivity - CAPTCHA  usually case-sensitive

Common Issues

CAPTCHA Verification 失败
Cause: CAPTCHA 有 已过期
Solution: Immediately recapture screenshot, recognize 新的 CAPTCHA, 和 resubmit

Page 元素 不 Found
Cause: Page 不 fully loaded 或 元素 ID changed
Solution: 获取 page snapshot 第一个 到 confirm 元素 existence

Redirected Back 到 登录 之后 登录
Cause: 会话 已过期 或 令牌 无效
Solution: Re-execute complete 登录 workflow

Best Practices

Parallel 处理中 - Screenshot capture 和 表单 preparation 可以  已完成 在...中 parallel
Quick 响应 - Fill 表单 immediately 之后 CAPTCHA recognition 到 minimize expiration risk
使用 JavaScript - Direct DOM manipulation  faster 比 fill tools
验证 Results - Check page content 之后 登录 到 confirm 成功

Examples

示例 1: Standard 登录 Workflow

`


User: Help me login to this system http://example.com/login, username admin, password 123456

Execution Steps:
Navigate to login page
Capture screenshot to get CAPTCHA
Recognize CAPTCHA as "Ab3d"
Use JavaScript to fill username, password, and CAPTCHA
Click login button
Verify successful login

`



示例 2: CAPTCHA Expiration 重试

`


If login fails showing "CAPTCHA verification failed":
Immediately recapture screenshot
Recognize new CAPTCHA
Refill and submit
Retry multiple times if necessary

``

Important Notes

Security - 做不 log passwords 在...中 logs
Privacy - Handle screenshots containing sensitive information appropriately
Rate Limiting - aware 的 system 登录 rate limits 到 avoid triggering security mechanisms
CAPTCHA Complexity - 对于 complex CAPTCHAs (distorted, 带有 interference lines), multiple attempts 可能 needed

Troubleshooting

| Issue | Possible Cause | Solution | |-------|---------------|----------| | Empty CAPTCHA recognition | Screenshot doesn't include CAPTCHA | Adjust screenshot bounds | | Login button not found | Page not fully loaded | Wait for page load before operation | | Repeated verification failures | CAPTCHA expires too quickly | Manual login or contact administrator | | Redirect to login after login | Session issue | Clear cookies and retry |

# CAPTCHA Login Assistant

Overview

This skill automates the login process for web systems requiring CAPTCHA verification. It uses Chrome DevTools MCP to capture login page screenshots, employs AI vision to recognize CAPTCHA codes, automatically fills in account credentials and CAPTCHA, and completes the login operation.

Applicable Scenarios

Web system logins requiring CAPTCHA verification
Login scenarios with short CAPTCHA validity periods
Situations requiring rapid consecutive login operations

Core Workflow

1. Preparation

Ensure the following tools are available:

Chrome DevTools MCP service
Target login page URL
Valid account credentials (username and password)

2. Login Steps

Step 1: Refresh Page to Get New CAPTCHA

``

javascript
// Navigate to login page and refresh
mcp_chrome-devtools-mcp_navigate_page({
  "type": "reload"
})

`



Step 2: Capture Login Page Screenshot

`

javascript
// Capture current page viewport
mcp_chrome-devtools-mcp_take_screenshot({
  "filePath": "path/to/login_screenshot.png"
})

`



Step 3: Recognize CAPTCHA
View the CAPTCHA image in the screenshot
CAPTCHA is usually located to the right of the "Enter CAPTCHA" input field
Carefully identify CAPTCHA characters (note case sensitivity)

Step 4: Quickly Fill Form

`

javascript
// Use JavaScript to fill all fields simultaneously
mcp_chrome-devtools-mcp_evaluate_script({
  "function": "() => {\n    const username = document.querySelector('input[name=\"username\"]');\n    const password = document.querySelector('input[name=\"password\"]');\n    const verifyCode = document.querySelector('input[name=\"verifyCode\"]');\n    \n    if (username) {\n      username.value = 'your_username';\n      username.dispatchEvent(new Event('input', { bubbles: true }));\n    }\n    if (password) {\n      password.value = 'your_password';\n      password.dispatchEvent(new Event('input', { bubbles: true }));\n    }\n    if (verifyCode) {\n      verifyCode.value = 'recognized_captcha';\n      verifyCode.dispatchEvent(new Event('input', { bubbles: true }));\n    }\n    return 'filled';\n  }"
})

`



Step 5: Click Login Button

`

javascript
// Click login button
mcp_chrome-devtools-mcp_evaluate_script({
  "function": "() => {\n    const loginBtn = document.querySelector('button[type=\"submit\"]') || document.querySelector('button');\n    if (loginBtn) {\n      loginBtn.click();\n      return 'login_clicked';\n    }\n    return 'button_not_found';\n  }"
})

`



Step 6: Verify Login Result

`

javascript
// Wait for post-login page elements
mcp_chrome-devtools-mcp_wait_for({
  "text": ["Home", "Dashboard", "System", "Logout"],
  "timeout": 5000
})

`



Key Insights

CAPTCHA Recognition Tips

Clear Screenshot - Ensure CAPTCHA image is clearly visible within screenshot bounds
Time Sensitivity - CAPTCHA typically has short validity (1-3 seconds), fill immediately after recognition
Careful Identification - Distinguish similar characters (e.g., 0 vs O, 1 vs l, 5 vs S)
Case Sensitivity - CAPTCHA is usually case-sensitive

Common Issues

CAPTCHA Verification Failed
Cause: CAPTCHA has expired
Solution: Immediately recapture screenshot, recognize new CAPTCHA, and resubmit

Page Element Not Found
Cause: Page not fully loaded or element ID changed
Solution: Get page snapshot first to confirm element existence

Redirected Back to Login After Login
Cause: Session expired or token invalid
Solution: Re-execute complete login workflow

Best Practices

Parallel Processing - Screenshot capture and form preparation can be done in parallel
Quick Response - Fill form immediately after CAPTCHA recognition to minimize expiration risk
Use JavaScript - Direct DOM manipulation is faster than fill tools
Verify Results - Check page content after login to confirm success

Examples

Example 1: Standard Login Workflow

`


User: Help me login to this system http://example.com/login, username admin, password 123456

Execution Steps:
Navigate to login page
Capture screenshot to get CAPTCHA
Recognize CAPTCHA as "Ab3d"
Use JavaScript to fill username, password, and CAPTCHA
Click login button
Verify successful login

`



Example 2: CAPTCHA Expiration Retry

`


If login fails showing "CAPTCHA verification failed":
Immediately recapture screenshot
Recognize new CAPTCHA
Refill and submit
Retry multiple times if necessary

``

Important Notes

Security - Do not log passwords in logs
Privacy - Handle screenshots containing sensitive information appropriately
Rate Limiting - Be aware of system login rate limits to avoid triggering security mechanisms
CAPTCHA Complexity - For complex CAPTCHAs (distorted, with interference lines), multiple attempts may be needed

Troubleshooting

| Issue | Possible Cause | Solution | |-------|---------------|----------| | Empty CAPTCHA recognition | Screenshot doesn't include CAPTCHA | Adjust screenshot bounds | | Login button not found | Page not fully loaded | Wait for page load before operation | | Repeated verification failures | CAPTCHA expires too quickly | Manual login or contact administrator | | Redirect to login after login | Session issue | Clear cookies and retry |

数据来源：ClawHub ↗ · 中文优化：龙虾技能库

OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险，如需更匹配、更安全的方案，建议联系付费定制

了解定制服务

License

运行时依赖

版本

安装命令 点击复制

技能文档

Overview

Applicable Scenarios

Core Workflow

1. Preparation

2. 登录 Steps

Step 1: 刷新 Page 到 获取 新的 CAPTCHA

Step 2: Capture 登录 Page Screenshot

Step 3: Recognize CAPTCHA

Step 4: Quickly Fill 表单

Step 5: Click 登录 按钮

Step 6: 验证 登录 结果

键 Insights

CAPTCHA Recognition Tips

Common Issues

CAPTCHA Verification 失败

Page 元素 不 Found

Redirected Back 到 登录 之后 登录

Best Practices

Examples

示例 1: Standard 登录 Workflow

示例 2: CAPTCHA Expiration 重试

Important Notes

Troubleshooting

Overview

Applicable Scenarios

Core Workflow

1. Preparation

2. Login Steps

Step 1: Refresh Page to Get New CAPTCHA

Step 2: Capture Login Page Screenshot

Step 3: Recognize CAPTCHA

Step 4: Quickly Fill Form

Step 5: Click Login Button

Step 6: Verify Login Result

Key Insights

CAPTCHA Recognition Tips

Common Issues

CAPTCHA Verification Failed

Page Element Not Found

Redirected Back to Login After Login

Best Practices

Examples

Example 1: Standard Login Workflow

Example 2: CAPTCHA Expiration Retry

Important Notes

Troubleshooting

安装命令点击复制

Step 1: 刷新 Page 到获取新的 CAPTCHA

Step 5: Click 登录按钮

Step 6: 验证登录结果

Page 元素不 Found

Redirected Back 到登录之后登录