# Send Online Shopping to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "online-shopping", "name": "Online Shopping", "source": "tencent", "type": "skill", "category": "通讯协作", "sourceUrl": "https://clawhub.ai/filipmartinsson/online-shopping", "canonicalUrl": "https://clawhub.ai/filipmartinsson/online-shopping", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/online-shopping", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=online-shopping", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "SKILL.md", "references/preferences-template.md", "references/setup.md", "references/sites-template.md", "references/sites.md", "scripts/browse.mjs" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/online-shopping" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/online-shopping", "downloadUrl": "https://openagent3.xyz/downloads/online-shopping", "agentUrl": "https://openagent3.xyz/skills/online-shopping/agent", "manifestUrl": "https://openagent3.xyz/skills/online-shopping/agent.json", "briefUrl": "https://openagent3.xyz/skills/online-shopping/agent.md" } } ``` ## Documentation ### Overview Search for products, compare options, and complete purchases on online stores — even those protected by Cloudflare. Uses Patchright (stealth Playwright) to avoid bot detection. ### First-Time Setup Run the setup script to install all dependencies: bash /scripts/setup.sh This installs xvfb, Patchright, and Chromium, then verifies everything works. See references/setup.md for manual steps or troubleshooting. ### Workflow Understand the request — product type, specs, size, brand preference, budget Browse the store — use stealth browser script to search and extract product listings Recommend — present options with price, availability, ratings. Give a clear recommendation. Confirm — get explicit approval before adding to cart Checkout — fill shipping/contact details, select delivery and payment Stop before paying — always confirm with the user before completing a purchase ### Using the Stealth Browser All browsing goes through Patchright scripts executed with xvfb-run. Do NOT use OpenClaw's built-in browser tool for Cloudflare-protected sites — it connects via CDP which leaks Runtime.enable calls that Cloudflare detects. ### Quick browse (bundled script) xvfb-run --auto-servernum node /scripts/browse.mjs "" --screenshot /tmp/page.png --text ### Custom scripts Write .mjs scripts in /tmp/ for multi-step flows. Auto-detect Patchright path: import { createRequire } from 'module'; import { execSync } from 'node:child_process'; import { existsSync } from 'node:fs'; function findPatchright() { const root = execSync('npm root -g 2>/dev/null').toString().trim(); const candidates = [ root + '/openclaw/node_modules/patchright', process.env.HOME + '/.npm-global/lib/node_modules/openclaw/node_modules/patchright', root + '/patchright', ]; for (const p of candidates) { try { if (existsSync(p)) return p; } catch {} } throw new Error('Patchright not found. Run setup.sh first.'); } const require = createRequire(import.meta.url); const { chromium } = require(findPatchright()); const browser = await chromium.launchPersistentContext('/tmp/patchright-ctx', { headless: false, // REQUIRED — Cloudflare detects headless viewport: null, // REQUIRED — use real viewport, not default 800x600 args: ['--no-sandbox', '--disable-gpu'], }); const page = browser.pages()[0] || await browser.newPage(); // ... your automation here ... await browser.close(); Execute with: xvfb-run --auto-servernum node /tmp/my-script.mjs ### Critical best practices (from Patchright docs) These are essential for avoiding bot detection: headless: false — always. Cloudflare fingerprints headless mode. Use xvfb for servers without a display. viewport: null — let the browser use its natural viewport. Custom viewports are a detection signal. Do NOT set custom userAgent or HTTP headers — fingerprint injection makes you more detectable, not less. Use persistent context (launchPersistentContext) — retains cookies, localStorage, and session state between runs. Also more closely resembles real browser behavior. Prefer Google Chrome over Chromium where available (x86_64: npx patchright install chrome, then channel: "chrome"). Chromium has subtle fingerprint differences. ARM64 only supports Chromium. Do NOT use connectOverCDP() — connecting via raw CDP bypasses Patchright's patches. Always use chromium.launch() or chromium.launchPersistentContext(). ### Why Patchright works where Playwright doesn't Patchright patches three key detection vectors: Runtime.enable leak — Playwright uses Runtime.enable CDP call which sites detect. Patchright executes JS in isolated execution contexts instead. Command flag leaks — Removes --enable-automation, adds --disable-blink-features=AutomationControlled. Console.enable leak — Disables console API to avoid detection (console.log won't work in page context). ### Script workflow for shopping Search script — navigate to store, search for product, extract listings as text Product script — click into a product page, get details Cart script — add to cart, navigate to checkout Checkout script — dump form fields with page.evaluate(), fill details, select shipping/payment Screenshot — always screenshot before completing purchase for user confirmation Write each step as a separate .mjs script in /tmp/. Persistent context means the cart and session carry over between scripts. ### Debugging tips Use page.screenshot() liberally to see what the page looks like Use page.evaluate(() => document.body.innerText) to dump page text Dump form fields with page.evaluate(() => { ... querySelectorAll('input') ... }) before filling Some fields may be read-only (auto-filled from other fields) — check before trying to fill Use page.waitForTimeout() generously — sites need time to load/render Close cookie banners early — they can block interactions ### User Details & Preferences Check references/preferences.md for saved shopping data (addresses, payment methods, delivery preferences, order history). If it doesn't exist yet, copy references/preferences-template.md to references/preferences.md and fill it in. Fall back to USER.md for basic contact/address info. When checkout requires info not on file, ask the user. After a successful order, update references/preferences.md with: Any new address or delivery preference The order in the history table Never store card numbers or sensitive payment credentials. Only store method names (e.g. "Swish", "PayPal", "Visa ending 4321"). ### Safety Never complete a purchase without explicit user confirmation Show the cart summary, total price, and shipping cost before final step Screenshot the checkout page and describe it to the user If something looks wrong (wrong product, unexpected charges), stop and ask ### Site-Specific Notes See references/sites.md for store-specific quirks and tips. If the file doesn't exist yet, copy references/sites-template.md to get started. ## Trust - Source: tencent - Verification: Indexed source record - Publisher: filipmartinsson - Version: 1.0.0 ## Source health - Status: healthy - Source download looks usable. - Yavira can redirect you to the upstream package for this source. - Health scope: source - Reason: direct_download_ok - Checked at: 2026-04-30T16:55:25.780Z - Expires at: 2026-05-07T16:55:25.780Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/online-shopping) - [Send to Agent page](https://openagent3.xyz/skills/online-shopping/agent) - [JSON manifest](https://openagent3.xyz/skills/online-shopping/agent.json) - [Markdown brief](https://openagent3.xyz/skills/online-shopping/agent.md) - [Download page](https://openagent3.xyz/downloads/online-shopping)