From wovol-lab
Generic Chrome browser primitive scoped to the `sensitive` profile — used for banking, healthcare, government, formal applications, and any context where blast radius is high. Mirrors the role of arc-browser-ops, but with hard guards layered on: domain allowlist enforcement, no orchestrator invocation, no scheduled jobs, and a refuse-on-doubt default. Operations are read-only by design; any state-changing action requires a manual user click in the browser itself, not via the skill.
Slash command
/wovol-lab:chrome-sensitive-ops
A foundation primitive for the `sensitive` lane. The non-sensitive lanes
(personal, wovol, school) can use the more permissive
arc-browser-ops. This skill exists because sensitive contexts need a
stricter set of defaults — and giving them their own primitive makes
those defaults harder to bypass by accident.
- `scripts/profile-init.sh sensitive`
- `config/domain-allowlists/sensitive.txt` is populated with the exact hosts the user intends to allow in this profile
- `python3 "$WOVOL_LAB_ROOT/.claude/skills/_foundation/profile-manager/scripts/profile.py" verify sensitive || exit 2`
These are enforced at the skill level AND by the standard hooks (
pre-submit-confirm, sensitive-mode-gate, profile-mismatch-detector):
- `browser_navigate`. The user must have the tab open already. `browser_navigate` in the MCP wrapper does not inherit the user's cookies on first call, which can land the session at a login page — a wrong place to be in sensitive context.
- `browser_click` on action elements. Submit, send, transfer, pay, confirm, approve — none of these. Read-only inspection only.
- `browser_evaluate` or `browser_run_code`. Both are disabled in the sensitive lane regardless of allowlist.
- `config/domain-allowlists/sensitive.txt` via `lib/safety-checks/domain_allowlist.py`. A host not on the list aborts.
- `WOVOL_PROFILE` is not `sensitive`

0. Save current frontmost app: bash lib/macos/return-focus.sh save
1. Verify CDP up on the sensitive port: curl http://localhost:9225/json/version
2. Find the tab via browser_tabs list
3. Switch to it (browser_tabs select)
4. browser_snapshot
5. Extract only the data you need (read-only)
6. Audit log entry with redacted summary
7. Output to user; never auto-act
8. Restore caller focus: bash lib/macos/return-focus.sh restore
Steps 0 and 8 are paired: even on failure paths (CDP down, tab not
found, allowlist refusal), always invoke return-focus.sh restore so
the user's working app comes back to the foreground. Opt-out:
WOVOL_LAB_NO_RETURN_FOCUS=1.
| Symptom | Cause | Action |
|---|---|---|
| CDP not up on 9225 | Chrome not running with sensitive profile | Ask user to run scripts/browser-launcher.sh sensitive |
| Tab not found | User hasn't opened the page | Refuse — say "open the page in the sensitive profile first" |
| Domain not in allowlist | Misconfig or unintended redirect | Abort immediately; surface the host so user can decide whether to add |
| WOVOL_PROFILE ≠ sensitive | Wrong profile | Hook stops execution; user switches profile |
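
An added example, not the project's own lib/safety-checks/domain_allowlist.py: a fail-closed, exact-host check that a tab URL could pass through before any snapshot is taken, raising with the offending host so it can be surfaced to the user. The one-host-per-line file format, the https-only and default-port rules, and the names `load_allowlist`, `check_tab_url` and `AllowlistRefusal` are assumptions; the hosts are constructed.

```python
from urllib.parse import urlsplit

# Constructed sample allowlist; the one-host-per-line format with "#" comments
# is an assumption about config/domain-allowlists/sensitive.txt.
SAMPLE_ALLOWLIST = """\
# sensitive profile (constructed hosts)
online.bank.example
portal.health.example
"""

class AllowlistRefusal(Exception):
    """Raised when a tab URL must not be inspected; carries the host to surface."""
    def __init__(self, host, reason):
        super().__init__(f"refused {host!r}: {reason}")
        self.host, self.reason = host, reason

def load_allowlist(text):
    """Parse allowlist text into a set of lowercase exact hostnames."""
    hosts = set()
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip().lower().rstrip(".")
        if entry:
            hosts.add(entry)
    return hosts

def check_tab_url(url, allowed):
    """Return the normalized host if the URL is allowed, else raise (refuse on doubt)."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        raise AllowlistRefusal(url, "unparseable URL") from None
    if parts.scheme != "https":  # assumption: sensitive lane is https-only
        raise AllowlistRefusal(host or url, "scheme is not https")
    if parts.username is not None or parts.password is not None:
        raise AllowlistRefusal(host, "userinfo in URL")
    if port not in (None, 443):  # assumption: default port only
        raise AllowlistRefusal(host, "non-default port")
    # Exact match only: no suffix or wildcard matching, so lookalike
    # subdomains and hosts reached through a redirect fail closed.
    if host not in allowed:
        raise AllowlistRefusal(host, "host not on allowlist")
    return host
```
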
npx claudepluginhub whitestonetak/wovol-lab --plugin wovol-lab