ghostonbutterbread/chromium-handoff
skills/chromium-handoff/SKILL.md
Expose a safe manual handoff page for an existing CDP Chromium session so Ryushe can solve CAPTCHA, Cloudflare, Turnstile, bot challenges, or inspect a stuck browser through an SSH tunnel.
devops
Updated May 28, 2026
$ install --global
skillsauthnpx skillsauth add ghostonbutterbread/bug-bounty-harness chromium-handoffInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 28, 2026, 2:28 AM109.7s2 files scanned
SKILL.md
- name:
- chromium-handoff
- description:
- Expose a safe manual handoff page for an existing CDP Chromium session so Ryushe can solve CAPTCHA, Cloudflare, Turnstile, bot challenges, or inspect a stuck browser through an SSH tunnel.
Chromium Handoff
Use when a Chromium/CDP browser is stuck on CAPTCHA, Cloudflare, Turnstile, bot-check, login step-up, or another page that Ryushe needs to complete manually.
This skill does not launch the browser. Use chromium-test first, then attach
this handoff server to the existing CDP endpoint.
Required Pairings
- Load
proxy-routing-policyfirst when proxy lane selection matters. - Use
chromium-testto launch an isolated browser with CDP bound to127.0.0.1. - Load
http-status-live-policyorwaf-live-policywhen the stop condition is a 403, 429, Cloudflare page, CAPTCHA, or bot challenge.
Workflow
- Confirm the target browser has a live CDP endpoint:
curl -sS http://127.0.0.1:<cdp_port>/json/list - Start the handoff server on Hoster:
CDP_URL=http://127.0.0.1:<cdp_port> \ LISTEN_HOST=127.0.0.1 \ LISTEN_PORT=9230 \ node "$HARNESS_ROOT/skills/chromium-handoff/scripts/cdp_handoff_server.js" - Give Ryushe a local SSH tunnel command. Preferred local port is
9998:ssh -i ~/.ssh/hoster -fN -L 9998:127.0.0.1:9230 ryushe@hoster xdg-open http://127.0.0.1:9998/ - Pause automation until Ryushe says to continue.
- After Ryushe solves or inspects the page, resume the same CDP browser session with Playwright or another CDP client.
What The Handoff Page Does
- Serves a small page from
127.0.0.1:<listen_port>. - Streams screenshots from the selected CDP page.
- Forwards Ryushe's clicks and typed text to the browser through Playwright/CDP.
- Keeps the browser's authenticated profile and proxy routing on Hoster.
Guardrails
- Do not bind Chrome CDP to
0.0.0.0unless Ryushe explicitly asks. - Do not expose the handoff server on public interfaces; use SSH tunneling.
- Do not use CAPTCHA-solving services, IP rotation, or challenge-bypass loops.
- Do not print, store, or copy raw cookies, bearer tokens, API keys, or session material from the browser or proxy.
- Do not perform state-changing actions after handoff unless Ryushe explicitly approves the exact action.
- Stop and ask if the page would require purchases, billing changes, invites, messages, account deletion, or mutation of non-owned data.
Notes
Raw DevTools forwarding is still useful for debugging, but it is awkward for manual CAPTCHA solving. This handoff server is preferred when Ryushe needs a simple remote browser view with click/type controls.
Related Skills
ghostonbutterbread/ato
testing
VerifiedTrustedCommunity
Route account takeover testing across password reset, recovery, SSO/OAuth, account linking, MFA, email change, session, invite, and identity-binding flows.
SKILL.mdUpdated Jun 5, 2026
ghostonbutterbread/url-ingest
testing
VerifiedTrustedCommunity
Use when importing, indexing, filtering, queueing, checking, or marking recon URLs in the SQLite-backed per-lane URL review tracker.
SKILL.mdUpdated Jun 4, 2026
ghostonbutterbread/payment-testing
testing
VerifiedTrustedCommunity
Route checkout, billing, subscriptions, coupons, credits, gift cards, invoices, refunds, payment authorization, and paid-entitlement testing into safe zero-dollar-first workflows.
SKILL.mdUpdated Jun 4, 2026
ghostonbutterbread/intercepted-proxy
data-ai
VerifiedTrustedCommunity
Launch scoped browsers through the correct Caido proxy, enable live intercept or Tamper one lane at a time, modify selected requests, forward them, then disable intercept.
SKILL.mdUpdated Jun 4, 2026