RonanCodes/browser-cookies
skills/browser-cookies/SKILL.md
Extract cookies for a domain from the user's browser (Firefox, Brave, Chrome, Arc, Chromium, Edge). Reads ROBROWSER default from ~/.config/ro/defaults.env. Used by scraping skills that need an authenticated session. Supersedes firefox-cookies.
development
Updated May 1, 2026
$ install --global
skillsauthnpx skillsauth add RonanCodes/ronan-skills browser-cookiesInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 1, 2026, 2:24 AM169.7s2 files scanned
SKILL.md
- name:
- browser-cookies
- description:
- Extract cookies for a domain from the user's browser (Firefox, Brave, Chrome, Arc, Chromium, Edge). Reads ROBROWSER default from ~/.config/ro/defaults.env. Used by scraping skills that need an authenticated session. Supersedes firefox-cookies.
- category:
- infra
- argument-hint:
- <domain> [--browser brave|chrome|arc|chromium|edge|firefox|auto] [--format header|json|jar]
- allowed-tools:
- Bash(sqlite3 *) Bash(uv *) Bash(python3 *) Read Write
- - pipeline:
- scan
- - platform:
- multi
- - role:
- primitive
Browser Cookies
Pull cookies for a specific domain from the user's logged-in browser session. Supports:
- Firefox — reads
cookies.sqlitedirectly (no decryption needed) - Chromium family (Brave, Chrome, Arc, Chromium, Edge) — via
browser_cookie3, which decrypts using the macOS Keychain (prompts the first time)
Output formats: shell-safe Cookie: header (default), JSON, or a raw name/value list.
Usage
/ro:browser-cookies linkedin.com # uses ROBROWSER default (brave for this user)
/ro:browser-cookies linkedin.com --browser firefox
/ro:browser-cookies x.com --format json
Resolving the browser
Priority:
--browserflagROBROWSERfrom~/.config/ro/defaults.env- Auto-detect: first of
brave,chrome,arc,firefoxwith a cookies file for the requested domain.
Execution
Single entry point: scripts/get.py. Invoke with uv so browser_cookie3 is auto-provisioned:
uv run --with browser-cookie3 --with requests python3 \
/path/to/skills/browser-cookies/scripts/get.py <domain> [flags]
Firefox path uses stdlib only (sqlite3). Chromium path needs browser_cookie3.
Keychain prompt (first time on Chromium)
macOS will prompt: "python3 wants to use the 'Brave Safe Storage' key in your keychain." Click Always Allow. Without approval, decryption silently returns zero cookies.
Output shape
--format header (default)
Cookie: li_at=AQE...; JSESSIONID="ajax:..."; bcookie=v=2&...
One line. Safe to export COOKIE_HEADER="$(...)" and pass to curl -H.
--format json
[
{"name": "li_at", "value": "AQE...", "domain": ".linkedin.com", "expires": 1780000000}
]
--format jar
Tab-separated name<TAB>value — convenient for shell parsing.
Security
- Domain-scoped — never dumps all cookies.
- Never writes cookie values to disk. Temp Firefox DB copy deleted after reading.
- Callers must never log or commit the output.
Dependencies
- macOS only for now. Paths hardcoded to
~/Library/Application Support/.... sqlite3(Firefox path) — preinstalleduv— for auto-provisioningbrowser_cookie3. Install:brew install uv
See also
ro:firefox-cookies— narrower legacy skill (Firefox only). Deprecated; prefer this.ro:linkedin-scan,ro:linkedin-voyager— primary callers.
Related Skills
RonanCodes/linear-update
development
VerifiedTrustedCommunity
Close the loop on a Linear ticket when its work ships - move the status and post a deploy comment with the PR link, what shipped, and a try-it link, mentioning the collaborator. Used as the tail of /ro:linear-nightshift for every merged mirror, or manually after an ad-hoc build. Triggers on "linear update", "update the linear ticket", "mark NUT-x done", "tell eoin it shipped", "/ro:linear-update".
SKILL.mdUpdated Jun 12, 2026
RonanCodes/linear-nightshift
devops
VerifiedTrustedCommunity
Run a night-shift against a collaborator's Linear board. Pulls the team's Grilled tickets (/ro:linear-grill moves a ticket to Grilled once its questions are answered), VERIFIES the questions were actually answered (unanswered → bounce the ticket to the "Question for <name>" state), mirrors verified tickets to ephemeral GitHub issues with ready-for-agent, then runs the standard /ro:night-shift machinery on GitHub. Tail-calls /ro:linear-update for everything that merged + deployed. Triggers on "linear nightshift", "nightshift linear", "drain the linear board", "run the shift off linear", "/ro:linear-nightshift".
SKILL.mdUpdated Jun 12, 2026
RonanCodes/linear-grill
development
VerifiedTrustedCommunity
Grill a collaborator's Linear tickets and move every processed ticket to where it belongs. Resolves the board from the repo's .ro-linear.json, reads the collaborator's Backlog / Ready-for-agent issues, then per ticket either posts 3-5 decision-extracting questions (state moves to "Question for <name>") or confirms it build-ready (state moves to "Grilled", the gate /ro:linear-nightshift consumes); shipped-and-confirmed tickets close as Done. The async-collaborator counterpart of /ro:day-shift for people who never touch GitHub. Triggers on "grill linear", "grill eoin's tickets", "linear grill", "add questions to the linear tickets", "/ro:linear-grill".
SKILL.mdUpdated Jun 12, 2026
RonanCodes/skills/about-page
development
VerifiedTrustedCommunity
--- name: about-page description: Add a standard About page to any web app, what it is, the tech stack, and an FAQ, wired into a footer link with a sticky footer. Built with Spartan + Tailwind (the canonical component layer) and falls back to semantic HTML so it ships reliably. Use whenever building, polishing, or shipping an app, every app should have one. Triggers on "add an about page", "about page", "footer about link", or as a standard step in app build/polish. category: frontend argument-h
SKILL.mdUpdated Jun 9, 2026