@jackwener/opencli 0.7.3 → 0.7.4

package/README.md

@@ -1,7 +1,7 @@
 # OpenCLI
 
 > **Make any website your CLI.**  
-> Zero risk · Reuse Chrome login · AI-powered discovery
+> Zero risk · Reuse Chrome login · AI-powered discovery · 80+ commands · 19 sites
 
 [中文文档](./README.zh-CN.md)
 
@@ -9,7 +9,7 @@
 [![Node.js Version](https://img.shields.io/node/v/@jackwener/opencli?style=flat-square)](https://nodejs.org)
 [![License](https://img.shields.io/npm/l/@jackwener/opencli?style=flat-square)](./LICENSE)
 
-A CLI tool that turns **any website** into a command-line interface — bilibili, zhihu, xiaohongshu, twitter, reddit, and many more — powered by browser session reuse and AI-native discovery.
+A CLI tool that turns **any website** into a command-line interface — Bilibili, Zhihu, 小红书, Twitter/X, Reddit, YouTube, and [many more](#built-in-commands) — powered by browser session reuse and AI-native discovery.
 
 ---
 
@@ -32,8 +32,9 @@ A CLI tool that turns **any website** into a command-line interface — bilibili
 
 - **Account-safe** — Reuses Chrome's logged-in state; your credentials never leave the browser.
 - **AI Agent ready** — `explore` discovers APIs, `synthesize` generates adapters, `cascade` finds auth strategies.
+- **Self-healing setup** — `opencli setup` auto-discovers tokens; `opencli doctor` diagnoses config across 10+ tools; `--fix` repairs them all.
 - **Dynamic Loader** — Simply drop `.ts` or `.yaml` adapters into the `clis/` folder for auto-registration.
-- **Dual-Engine Architecture** — Supports both YAML declarative data pipelines and robust browser runtime typescript injections.
+- **Dual-Engine Architecture** — Supports both YAML declarative data pipelines and robust browser runtime TypeScript injections.
 
 ## Prerequisites
 
@@ -85,10 +86,12 @@ export PLAYWRIGHT_MCP_EXTENSION_TOKEN="<your-token-here>"
 
 </details>
 
-Verify with `opencli doctor` — shows colored status for all config locations:
+Verify with `opencli doctor` — shows colored status for extension install, token consistency, and all config locations:
 
 ```bash
-opencli doctor
+opencli doctor            # Token & config diagnosis
+opencli doctor --live     # Also test live browser connectivity
+opencli doctor --fix -y   # Auto-fix all mismatched configs
 ```
 
 ## Quick Start
@@ -130,27 +133,29 @@ npm install -g @jackwener/opencli@latest
 
 ## Built-in Commands
 
-| Site | Commands | Mode |
-|------|----------|------|
-| **bilibili** | `hot` `search` `me` `favorite` `history` `feed` `subtitle` `dynamic` `ranking` `following` `user-videos` | 🔐 Browser |
-| **zhihu** | `hot` `search` `question` | 🔐 Browser |
-| **xiaohongshu** | `search` `notifications` `feed` `user` | 🔐 Browser |
-| **xueqiu** | `feed` `hot-stock` `hot` `search` `stock` `watchlist` | 🔐 Browser |
-| **twitter** | `trending` `bookmarks` `profile` `search` `timeline` `thread` `following` `followers` `notifications` `post` `reply` `delete` `like` `article` `follow` `unfollow` `bookmark` `unbookmark` | 🔐 Browser |
-| **reddit** | `hot` `frontpage` `popular` `search` `subreddit` `read` `user` `user-posts` `user-comments` `upvote` `save` `comment` `subscribe` `saved` `upvoted` | 🔐 Browser |
-| **weibo** | `hot` | 🔐 Browser |
-| **boss** | `search` `detail` | 🔐 Browser |
-| **coupang** | `search` `add-to-cart` | 🔐 Browser |
-| **youtube** | `search` `video` `transcript` | 🔐 Browser |
-| **linkedin** | `search` | 🔐 Browser |
-| **yahoo-finance** | `quote` | 🔐 Browser |
-| **reuters** | `search` | 🔐 Browser |
-| **smzdm** | `search` | 🔐 Browser |
-| **ctrip** | `search` | 🔐 Browser |
-| **github** | `search` | 🌐 Public |
-| **v2ex** | `hot` `latest` `topic` `daily` `me` `notifications` | 🌐 Public / 🔐 Browser |
-| **hackernews** | `top` | 🌐 Public |
-| **bbc** | `news` | 🌐 Public |
+**19 sites · 80+ commands** — run `opencli list` for the live registry.
+
+| Site | Commands | Count | Mode |
+|------|----------|:-----:|------|
+| **twitter** | `trending` `bookmarks` `profile` `search` `timeline` `thread` `following` `followers` `notifications` `post` `reply` `delete` `like` `article` `follow` `unfollow` `bookmark` `unbookmark` | 18 | 🔐 Browser |
+| **reddit** | `hot` `frontpage` `popular` `search` `subreddit` `read` `user` `user-posts` `user-comments` `upvote` `save` `comment` `subscribe` `saved` `upvoted` | 15 | 🔐 Browser |
+| **bilibili** | `hot` `search` `me` `favorite` `history` `feed` `subtitle` `dynamic` `ranking` `following` `user-videos` | 11 | 🔐 Browser |
+| **v2ex** | `hot` `latest` `topic` `daily` `me` `notifications` | 6 | 🌐 / 🔐 |
+| **xueqiu** | `feed` `hot-stock` `hot` `search` `stock` `watchlist` | 6 | 🔐 Browser |
+| **xiaohongshu** | `search` `notifications` `feed` `me` `user` | 5 | 🔐 Browser |
+| **youtube** | `search` `video` `transcript` | 3 | 🔐 Browser |
+| **zhihu** | `hot` `search` `question` | 3 | 🔐 Browser |
+| **boss** | `search` `detail` | 2 | 🔐 Browser |
+| **coupang** | `search` `add-to-cart` | 2 | 🔐 Browser |
+| **bbc** | `news` | 1 | 🌐 Public |
+| **ctrip** | `search` | 1 | 🔐 Browser |
+| **github** | `search` | 1 | 🌐 Public |
+| **hackernews** | `top` | 1 | 🌐 Public |
+| **linkedin** | `search` | 1 | 🔐 Browser |
+| **reuters** | `search` | 1 | 🔐 Browser |
+| **smzdm** | `search` | 1 | 🔐 Browser |
+| **weibo** | `hot` | 1 | 🔐 Browser |
+| **yahoo-finance** | `quote` | 1 | 🔐 Browser |
 
 ## Output Formats
 
@@ -195,7 +200,7 @@ Explore outputs to `.opencli/explore/<site>/` (manifest.json, endpoints.json, ca
 
 See **[TESTING.md](./TESTING.md)** for the full testing guide, including:
 
-- Current test coverage (unit + ~52 E2E tests across all 18 sites)
+- Current test coverage (unit + E2E tests across 19 sites)
 - How to run tests locally
 - How to add tests when creating new adapters
 - CI/CD pipeline with sharding

package/SKILL.md

@@ -1,9 +1,9 @@
 ---
 name: opencli
-description: "OpenCLI — Make any website your CLI. Zero risk, AI-powered, reuse Chrome login."
-version: 0.7.0
+description: "OpenCLI — Make any website your CLI. Zero risk, AI-powered, reuse Chrome login. 80+ commands across 19 sites."
+version: 0.7.3
 author: jackwener
-tags: [cli, browser, web, mcp, playwright, bilibili, zhihu, twitter, github, v2ex, hackernews, reddit, xiaohongshu, xueqiu, AI, agent]
+tags: [cli, browser, web, mcp, playwright, bilibili, zhihu, twitter, github, v2ex, hackernews, reddit, xiaohongshu, xueqiu, youtube, boss, coupang, AI, agent]
 ---
 
 # OpenCLI
@@ -68,6 +68,7 @@ opencli zhihu question --id 34816524     # 问题详情和回答
 opencli xiaohongshu search --keyword "美食"  # 搜索笔记
 opencli xiaohongshu notifications             # 通知（mentions/likes/connections）
 opencli xiaohongshu feed --limit 10           # 推荐 Feed
+opencli xiaohongshu me                        # 我的信息
 opencli xiaohongshu user --uid xxx             # 用户主页
 
 # 雪球 Xueqiu (browser)
@@ -131,6 +132,7 @@ opencli weibo hot --limit 10            # 微博热搜
 
 # BOSS直聘 (browser)
 opencli boss search --query "AI agent"  # 搜索职位
+opencli boss detail --securityId xxx    # 职位详情
 
 # YouTube (browser)
 opencli youtube search --query "rust"   # 搜索视频
@@ -160,7 +162,8 @@ opencli list -f yaml        # YAML output
 opencli validate            # Validate all CLI definitions
 opencli validate bilibili   # Validate specific site
 opencli setup               # Interactive token setup (auto-discover + TUI checkbox)
-opencli doctor              # Diagnose token config across all tools
+opencli doctor              # Diagnose token & extension config across all tools
+opencli doctor --live       # Also test live browser connectivity
 opencli doctor --fix -y     # Auto-fix all config files (non-interactive)
 ```
 

package/dist/doctor.d.ts

@@ -2,6 +2,7 @@ export declare const PLAYWRIGHT_TOKEN_ENV = "PLAYWRIGHT_MCP_EXTENSION_TOKEN";
 export type DoctorOptions = {
     fix?: boolean;
     yes?: boolean;
+    live?: boolean;
     shellRc?: string;
     configPaths?: string[];
     token?: string;
@@ -23,16 +24,24 @@ export type McpConfigStatus = {
     writable: boolean;
     parseError?: string;
 };
+export type ConnectivityResult = {
+    ok: boolean;
+    error?: string;
+    durationMs: number;
+};
 export type DoctorReport = {
     cliVersion?: string;
     envToken: string | null;
     envFingerprint: string | null;
     extensionToken: string | null;
     extensionFingerprint: string | null;
+    extensionInstalled: boolean;
+    extensionBrowsers: string[];
     shellFiles: ShellFileStatus[];
     configs: McpConfigStatus[];
     recommendedToken: string | null;
     recommendedFingerprint: string | null;
+    connectivity?: ConnectivityResult;
     warnings: string[];
     issues: string[];
 };
@@ -50,10 +59,28 @@ export declare function fileExists(filePath: string): boolean;
  * Discover the auth token stored by the Playwright MCP Bridge extension
  * by scanning Chrome's LevelDB localStorage files directly.
  *
- * Uses `strings` + `grep` for fast binary scanning on macOS/Linux,
- * with a pure-Node fallback on Windows.
+ * Reads LevelDB .ldb/.log files as raw binary and searches for the
+ * extension ID near base64url token values. This works reliably across
+ * platforms because LevelDB's internal encoding can split ASCII strings
+ * like "auth-token" and the extension ID across byte boundaries, making
+ * text-based tools like `strings` + `grep` unreliable.
  */
 export declare function discoverExtensionToken(): string | null;
+/**
+ * Check whether the Playwright MCP Bridge extension is installed in any browser.
+ * Scans Chrome/Chromium/Edge Extensions directories for the known extension ID.
+ */
+export declare function checkExtensionInstalled(): {
+    installed: boolean;
+    browsers: string[];
+};
+/**
+ * Test token connectivity by attempting a real MCP connection.
+ * Connects, does the JSON-RPC handshake, and immediately closes.
+ */
+export declare function checkTokenConnectivity(opts?: {
+    timeout?: number;
+}): Promise<ConnectivityResult>;
 export declare function runBrowserDoctor(opts?: DoctorOptions): Promise<DoctorReport>;
 export declare function renderBrowserDoctorReport(report: DoctorReport): string;
 export declare function writeFileWithMkdir(filePath: string, content: string): void;

package/dist/doctor.js

@@ -1,11 +1,10 @@
 import * as fs from 'node:fs';
 import * as os from 'node:os';
 import * as path from 'node:path';
-import { execSync } from 'node:child_process';
 import { createInterface } from 'node:readline/promises';
 import { stdin as input, stdout as output } from 'node:process';
 import chalk from 'chalk';
-import { getTokenFingerprint } from './browser.js';
+import { PlaywrightMCP, getTokenFingerprint } from './browser.js';
 const PLAYWRIGHT_SERVER_NAME = 'playwright';
 export const PLAYWRIGHT_TOKEN_ENV = 'PLAYWRIGHT_MCP_EXTENSION_TOKEN';
 const PLAYWRIGHT_EXTENSION_ID = 'mmlmfjhmonkocbjadbfplnigmagldckm';
@@ -105,7 +104,7 @@ function readTokenFromJsonObject(parsed) {
     const direct = parsed?.mcpServers?.[PLAYWRIGHT_SERVER_NAME]?.env?.[PLAYWRIGHT_TOKEN_ENV];
     if (typeof direct === 'string' && direct)
         return direct;
-    const opencode = parsed?.mcp?.[PLAYWRIGHT_SERVER_NAME]?.env?.[PLAYWRIGHT_TOKEN_ENV];
+    const opencode = parsed?.mcp?.[PLAYWRIGHT_SERVER_NAME]?.environment?.[PLAYWRIGHT_TOKEN_ENV];
     if (typeof opencode === 'string' && opencode)
         return opencode;
     return null;
@@ -127,8 +126,8 @@ export function upsertJsonConfigToken(content, token) {
             enabled: true,
             type: 'local',
         };
-        parsed.mcp[PLAYWRIGHT_SERVER_NAME].env = parsed.mcp[PLAYWRIGHT_SERVER_NAME].env ?? {};
-        parsed.mcp[PLAYWRIGHT_SERVER_NAME].env[PLAYWRIGHT_TOKEN_ENV] = token;
+        parsed.mcp[PLAYWRIGHT_SERVER_NAME].environment = parsed.mcp[PLAYWRIGHT_SERVER_NAME].environment ?? {};
+        parsed.mcp[PLAYWRIGHT_SERVER_NAME].environment[PLAYWRIGHT_TOKEN_ENV] = token;
     }
     return `${JSON.stringify(parsed, null, 2)}\n`;
 }
@@ -211,8 +210,11 @@ function readConfigStatus(filePath) {
  * Discover the auth token stored by the Playwright MCP Bridge extension
  * by scanning Chrome's LevelDB localStorage files directly.
  *
- * Uses `strings` + `grep` for fast binary scanning on macOS/Linux,
- * with a pure-Node fallback on Windows.
+ * Reads LevelDB .ldb/.log files as raw binary and searches for the
+ * extension ID near base64url token values. This works reliably across
+ * platforms because LevelDB's internal encoding can split ASCII strings
+ * like "auth-token" and the extension ID across byte boundaries, making
+ * text-based tools like `strings` + `grep` unreliable.
  */
 export function discoverExtensionToken() {
     const home = os.homedir();
@@ -229,21 +231,12 @@ export function discoverExtensionToken() {
         bases.push(path.join(appData, 'Google', 'Chrome', 'User Data'), path.join(appData, 'Microsoft', 'Edge', 'User Data'));
     }
     const profiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3'];
-    // Token is 43 chars of base64url (from 32 random bytes)
     const tokenRe = /([A-Za-z0-9_-]{40,50})/;
     for (const base of bases) {
         for (const profile of profiles) {
             const dir = path.join(base, profile, 'Local Storage', 'leveldb');
             if (!fileExists(dir))
                 continue;
-            // Fast path: use strings + grep to find candidate files and extract token
-            if (platform !== 'win32') {
-                const token = extractTokenViaStrings(dir, tokenRe);
-                if (token)
-                    return token;
-                continue;
-            }
-            // Slow path (Windows): read binary files directly
             const token = extractTokenViaBinaryRead(dir, tokenRe);
             if (token)
                 return token;
@@ -251,39 +244,20 @@ export function discoverExtensionToken() {
     }
     return null;
 }
-function extractTokenViaStrings(dir, tokenRe) {
-    try {
-        // Single shell pipeline: for each LevelDB file, extract strings, find lines
-        // after the extension ID, and filter for base64url token pattern.
-        //
-        // LevelDB `strings` output for the extension's auth-token entry:
-        //   auth-token                                    ← key name
-        //   4,mmlmfjhmonkocbjadbfplnigmagldckm.7          ← LevelDB internal key
-        //   hqI86ncsD1QpcVcj-k9CyzTF-ieCQd_4KreZ_wy1WHA  ← token value
-        //
-        // We get the line immediately after any EXTENSION_ID mention and check
-        // if it looks like a base64url token (40-50 chars, [A-Za-z0-9_-]).
-        const shellDir = dir.replace(/'/g, "'\\''");
-        const cmd = `for f in '${shellDir}'/*.ldb '${shellDir}'/*.log; do ` +
-            `[ -f "$f" ] && strings "$f" 2>/dev/null | ` +
-            `grep -A1 '${PLAYWRIGHT_EXTENSION_ID}' | ` +
-            `grep -v '${PLAYWRIGHT_EXTENSION_ID}' | ` +
-            `grep -E '^[A-Za-z0-9_-]{40,50}$' | head -1; ` +
-            `done 2>/dev/null`;
-        const result = execSync(cmd, { encoding: 'utf-8', timeout: 10000 }).trim();
-        // Take the first non-empty line
-        for (const line of result.split('\n')) {
-            const token = line.trim();
-            if (token && validateBase64urlToken(token))
-                return token;
-        }
-    }
-    catch { }
-    return null;
-}
 function extractTokenViaBinaryRead(dir, tokenRe) {
+    // LevelDB fragments strings across byte boundaries, so we can't search
+    // for the full extension ID or "auth-token" as contiguous ASCII. Instead,
+    // search for a short prefix of the extension ID that reliably appears as
+    // contiguous bytes, then scan a window around each match for a base64url
+    // token value.
+    //
+    // Observed LevelDB layout near the auth-token entry:
+    //   ... auth-t<binary> ... 4,mmlmfjh<binary>Pocbjadbfplnigmagldckm.7 ...
+    //   <binary> hqI86ncsD1QpcVcj-k9CyzTF-ieCQd_4KreZ_wy1WHA <binary> ...
+    //
+    // The extension ID prefix "mmlmfjh" appears ~44 bytes before the token.
     const extIdBuf = Buffer.from(PLAYWRIGHT_EXTENSION_ID);
-    const keyBuf = Buffer.from('auth-token');
+    const extIdPrefix = Buffer.from(PLAYWRIGHT_EXTENSION_ID.slice(0, 7)); // "mmlmfjh"
     let files;
     try {
         files = fs.readdirSync(dir)
@@ -293,7 +267,7 @@ function extractTokenViaBinaryRead(dir, tokenRe) {
     catch {
         return null;
     }
-    // Sort by mtime descending
+    // Sort by mtime descending so we find the freshest token first
     files.sort((a, b) => {
         try {
             return fs.statSync(b).mtimeMs - fs.statSync(a).mtimeMs;
@@ -310,15 +284,30 @@ function extractTokenViaBinaryRead(dir, tokenRe) {
         catch {
             continue;
         }
-        // Quick check: does file contain both the extension ID and auth-token key?
-        const extPos = data.indexOf(extIdBuf);
-        if (extPos === -1)
-            continue;
-        const keyPos = data.indexOf(keyBuf, Math.max(0, extPos - 500));
-        if (keyPos === -1)
+        // Quick check: file must contain at least the prefix
+        if (data.indexOf(extIdPrefix) === -1)
             continue;
-        // Scan for token value after auth-token key
+        // Strategy 1: scan after each occurrence of the extension ID prefix
+        // for base64url tokens within a 500-byte window
         let idx = 0;
+        while (true) {
+            const pos = data.indexOf(extIdPrefix, idx);
+            if (pos === -1)
+                break;
+            const scanStart = pos;
+            const scanEnd = Math.min(data.length, pos + 500);
+            const window = data.subarray(scanStart, scanEnd).toString('latin1');
+            const m = window.match(tokenRe);
+            if (m && validateBase64urlToken(m[1])) {
+                // Make sure this isn't another extension ID that happens to match
+                if (m[1] !== PLAYWRIGHT_EXTENSION_ID)
+                    return m[1];
+            }
+            idx = pos + 1;
+        }
+        // Strategy 2 (fallback): original approach using full extension ID + auth-token key
+        const keyBuf = Buffer.from('auth-token');
+        idx = 0;
         while (true) {
             const kp = data.indexOf(keyBuf, idx);
             if (kp === -1)
@@ -345,6 +334,54 @@ function validateBase64urlToken(token) {
         return false;
     }
 }
+/**
+ * Check whether the Playwright MCP Bridge extension is installed in any browser.
+ * Scans Chrome/Chromium/Edge Extensions directories for the known extension ID.
+ */
+export function checkExtensionInstalled() {
+    const home = os.homedir();
+    const platform = os.platform();
+    const browserDirs = [];
+    if (platform === 'darwin') {
+        browserDirs.push({ name: 'Chrome', base: path.join(home, 'Library', 'Application Support', 'Google', 'Chrome') }, { name: 'Chrome Canary', base: path.join(home, 'Library', 'Application Support', 'Google', 'Chrome Canary') }, { name: 'Chromium', base: path.join(home, 'Library', 'Application Support', 'Chromium') }, { name: 'Edge', base: path.join(home, 'Library', 'Application Support', 'Microsoft Edge') });
+    }
+    else if (platform === 'linux') {
+        browserDirs.push({ name: 'Chrome', base: path.join(home, '.config', 'google-chrome') }, { name: 'Chromium', base: path.join(home, '.config', 'chromium') }, { name: 'Edge', base: path.join(home, '.config', 'microsoft-edge') });
+    }
+    else if (platform === 'win32') {
+        const appData = process.env.LOCALAPPDATA || path.join(home, 'AppData', 'Local');
+        browserDirs.push({ name: 'Chrome', base: path.join(appData, 'Google', 'Chrome', 'User Data') }, { name: 'Edge', base: path.join(appData, 'Microsoft', 'Edge', 'User Data') });
+    }
+    const profiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3'];
+    const foundBrowsers = [];
+    for (const { name, base } of browserDirs) {
+        for (const profile of profiles) {
+            const extDir = path.join(base, profile, 'Extensions', PLAYWRIGHT_EXTENSION_ID);
+            if (fileExists(extDir)) {
+                foundBrowsers.push(name);
+                break; // one match per browser is enough
+            }
+        }
+    }
+    return { installed: foundBrowsers.length > 0, browsers: [...new Set(foundBrowsers)] };
+}
+/**
+ * Test token connectivity by attempting a real MCP connection.
+ * Connects, does the JSON-RPC handshake, and immediately closes.
+ */
+export async function checkTokenConnectivity(opts) {
+    const timeout = opts?.timeout ?? 8;
+    const start = Date.now();
+    try {
+        const mcp = new PlaywrightMCP();
+        await mcp.connect({ timeout });
+        await mcp.close();
+        return { ok: true, durationMs: Date.now() - start };
+    }
+    catch (err) {
+        return { ok: false, error: err?.message ?? String(err), durationMs: Date.now() - start };
+    }
+}
 export async function runBrowserDoctor(opts = {}) {
     const envToken = process.env[PLAYWRIGHT_TOKEN_ENV] ?? null;
     const shellPath = opts.shellRc ?? getDefaultShellRcPath();
@@ -368,19 +405,31 @@ export async function runBrowserDoctor(opts = {}) {
     ].filter((v) => !!v);
     const uniqueTokens = [...new Set(allTokens)];
     const recommendedToken = opts.token ?? extensionToken ?? envToken ?? (uniqueTokens.length === 1 ? uniqueTokens[0] : null) ?? null;
+    // Check extension installation
+    const extInstall = checkExtensionInstalled();
+    // Connectivity test (only when --live)
+    let connectivity;
+    if (opts.live) {
+        connectivity = await checkTokenConnectivity();
+    }
     const report = {
         cliVersion: opts.cliVersion,
         envToken,
         envFingerprint: getTokenFingerprint(envToken ?? undefined),
         extensionToken,
         extensionFingerprint: getTokenFingerprint(extensionToken ?? undefined),
+        extensionInstalled: extInstall.installed,
+        extensionBrowsers: extInstall.browsers,
         shellFiles,
         configs,
         recommendedToken,
         recommendedFingerprint: getTokenFingerprint(recommendedToken ?? undefined),
+        connectivity,
         warnings: [],
         issues: [],
     };
+    if (!extInstall.installed)
+        report.issues.push('Playwright MCP Bridge extension is not installed in any browser.');
     if (!envToken)
         report.issues.push(`Current environment is missing ${PLAYWRIGHT_TOKEN_ENV}.`);
     if (!shellFiles.some(s => s.token))
@@ -389,6 +438,8 @@ export async function runBrowserDoctor(opts = {}) {
         report.issues.push('No scanned MCP config currently contains a Playwright extension token.');
     if (uniqueTokens.length > 1)
         report.issues.push('Detected inconsistent Playwright MCP tokens across env/config files.');
+    if (connectivity && !connectivity.ok)
+        report.issues.push(`Browser connectivity test failed: ${connectivity.error ?? 'unknown'}`);
     for (const config of configs) {
         if (config.parseError)
             report.warnings.push(`Could not parse ${config.path}: ${config.parseError}`);
@@ -408,6 +459,11 @@ export function renderBrowserDoctorReport(report) {
     const uniqueFingerprints = [...new Set(tokenFingerprints)];
     const hasMismatch = uniqueFingerprints.length > 1;
     const lines = [chalk.bold(`opencli v${report.cliVersion ?? 'unknown'} doctor`), ''];
+    const installStatus = report.extensionInstalled ? 'OK' : 'MISSING';
+    const installDetail = report.extensionInstalled
+        ? `Extension installed (${report.extensionBrowsers.join(', ')})`
+        : 'Extension not installed in any browser';
+    lines.push(statusLine(installStatus, installDetail));
     const extStatus = !report.extensionToken ? 'MISSING' : hasMismatch ? 'MISMATCH' : 'OK';
     lines.push(statusLine(extStatus, `Extension token (Chrome LevelDB): ${tokenSummary(report.extensionToken, report.extensionFingerprint)}`));
     const envStatus = !report.envToken ? 'MISSING' : hasMismatch ? 'MISMATCH' : 'OK';
@@ -441,6 +497,17 @@ export function renderBrowserDoctorReport(report) {
     if (missingConfigCount > 0)
         lines.push(chalk.dim(`     Other scanned config locations not present: ${missingConfigCount}`));
     lines.push('');
+    // Connectivity result
+    if (report.connectivity) {
+        const connStatus = report.connectivity.ok ? 'OK' : 'WARN';
+        const connDetail = report.connectivity.ok
+            ? `Browser connectivity: connected in ${(report.connectivity.durationMs / 1000).toFixed(1)}s`
+            : `Browser connectivity: failed (${report.connectivity.error ?? 'unknown'})`;
+        lines.push(statusLine(connStatus, connDetail));
+    }
+    else {
+        lines.push(statusLine('WARN', 'Browser connectivity: not tested (use --live)'));
+    }
     lines.push(statusLine(hasMismatch ? 'MISMATCH' : report.recommendedToken ? 'OK' : 'WARN', `Recommended token fingerprint: ${report.recommendedFingerprint ?? 'unavailable'}`));
     if (report.issues.length) {
         lines.push('', chalk.yellow('Issues:'));

package/dist/doctor.test.js

@@ -66,7 +66,7 @@ describe('json token helpers', () => {
             },
         }), 'abc123');
         const parsed = JSON.parse(next);
-        expect(parsed.mcp.playwright.env.PLAYWRIGHT_MCP_EXTENSION_TOKEN).toBe('abc123');
+        expect(parsed.mcp.playwright.environment.PLAYWRIGHT_MCP_EXTENSION_TOKEN).toBe('abc123');
     });
 });
 describe('doctor report rendering', () => {
@@ -77,6 +77,8 @@ describe('doctor report rendering', () => {
             envFingerprint: 'fp1',
             extensionToken: 'abc123',
             extensionFingerprint: 'fp1',
+            extensionInstalled: true,
+            extensionBrowsers: ['Chrome'],
             shellFiles: [{ path: '/tmp/.zshrc', exists: true, token: 'abc123', fingerprint: 'fp1' }],
             configs: [{ path: '/tmp/mcp.json', exists: true, format: 'json', token: 'abc123', fingerprint: 'fp1', writable: true }],
             recommendedToken: 'abc123',
@@ -84,6 +86,7 @@ describe('doctor report rendering', () => {
             warnings: [],
             issues: [],
         }));
+        expect(text).toContain('[OK] Extension installed (Chrome)');
         expect(text).toContain('[OK] Environment token: configured (fp1)');
         expect(text).toContain('[OK] /tmp/mcp.json');
         expect(text).toContain('configured (fp1)');
@@ -94,6 +97,8 @@ describe('doctor report rendering', () => {
             envFingerprint: 'fp1',
             extensionToken: null,
             extensionFingerprint: null,
+            extensionInstalled: false,
+            extensionBrowsers: [],
             shellFiles: [{ path: '/tmp/.zshrc', exists: true, token: 'def456', fingerprint: 'fp2' }],
             configs: [{ path: '/tmp/mcp.json', exists: true, format: 'json', token: 'abc123', fingerprint: 'fp1', writable: true }],
             recommendedToken: 'abc123',
@@ -101,9 +106,45 @@ describe('doctor report rendering', () => {
             warnings: [],
             issues: ['Detected inconsistent Playwright MCP tokens across env/config files.'],
         }));
+        expect(text).toContain('[MISSING] Extension not installed in any browser');
         expect(text).toContain('[MISMATCH] Environment token: configured (fp1)');
         expect(text).toContain('[MISMATCH] /tmp/.zshrc');
         expect(text).toContain('configured (fp2)');
         expect(text).toContain('[MISMATCH] Recommended token fingerprint: fp1');
     });
+    it('renders connectivity OK when live test succeeds', () => {
+        const text = strip(renderBrowserDoctorReport({
+            envToken: 'abc123',
+            envFingerprint: 'fp1',
+            extensionToken: 'abc123',
+            extensionFingerprint: 'fp1',
+            extensionInstalled: true,
+            extensionBrowsers: ['Chrome'],
+            shellFiles: [],
+            configs: [],
+            recommendedToken: 'abc123',
+            recommendedFingerprint: 'fp1',
+            connectivity: { ok: true, durationMs: 1234 },
+            warnings: [],
+            issues: [],
+        }));
+        expect(text).toContain('[OK] Browser connectivity: connected in 1.2s');
+    });
+    it('renders connectivity WARN when not tested', () => {
+        const text = strip(renderBrowserDoctorReport({
+            envToken: 'abc123',
+            envFingerprint: 'fp1',
+            extensionToken: 'abc123',
+            extensionFingerprint: 'fp1',
+            extensionInstalled: true,
+            extensionBrowsers: ['Chrome'],
+            shellFiles: [],
+            configs: [],
+            recommendedToken: 'abc123',
+            recommendedFingerprint: 'fp1',
+            warnings: [],
+            issues: [],
+        }));
+        expect(text).toContain('[WARN] Browser connectivity: not tested (use --live)');
+    });
 });

package/dist/main.js

@@ -102,12 +102,13 @@ program.command('doctor')
     .option('--fix', 'Apply suggested fixes to shell rc and detected MCP configs', false)
     .option('-y, --yes', 'Skip confirmation prompts when applying fixes', false)
     .option('--token <token>', 'Override token to write instead of auto-detecting')
+    .option('--live', 'Test browser connectivity (requires Chrome running)', false)
     .option('--shell-rc <path>', 'Shell startup file to update')
     .option('--mcp-config <paths>', 'Comma-separated MCP config paths to scan/update')
     .action(async (opts) => {
     const { runBrowserDoctor, renderBrowserDoctorReport, applyBrowserDoctorFix } = await import('./doctor.js');
     const configPaths = opts.mcpConfig ? String(opts.mcpConfig).split(',').map((s) => s.trim()).filter(Boolean) : undefined;
-    const report = await runBrowserDoctor({ token: opts.token, shellRc: opts.shellRc, configPaths, cliVersion: PKG_VERSION });
+    const report = await runBrowserDoctor({ token: opts.token, live: opts.live, shellRc: opts.shellRc, configPaths, cliVersion: PKG_VERSION });
     console.log(renderBrowserDoctorReport(report));
     if (opts.fix) {
         const written = await applyBrowserDoctorFix(report, { fix: true, yes: opts.yes, token: opts.token, shellRc: opts.shellRc, configPaths });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jackwener/opencli",
-  "version": "0.7.3",
+  "version": "0.7.4",
   "publishConfig": {
     "access": "public"
   },

package/src/doctor.test.ts

@@ -81,7 +81,7 @@ describe('json token helpers', () => {
       },
     }), 'abc123');
     const parsed = JSON.parse(next);
-    expect(parsed.mcp.playwright.env.PLAYWRIGHT_MCP_EXTENSION_TOKEN).toBe('abc123');
+    expect(parsed.mcp.playwright.environment.PLAYWRIGHT_MCP_EXTENSION_TOKEN).toBe('abc123');
   });
 });
 
@@ -94,6 +94,8 @@ describe('doctor report rendering', () => {
       envFingerprint: 'fp1',
       extensionToken: 'abc123',
       extensionFingerprint: 'fp1',
+      extensionInstalled: true,
+      extensionBrowsers: ['Chrome'],
       shellFiles: [{ path: '/tmp/.zshrc', exists: true, token: 'abc123', fingerprint: 'fp1' }],
       configs: [{ path: '/tmp/mcp.json', exists: true, format: 'json', token: 'abc123', fingerprint: 'fp1', writable: true }],
       recommendedToken: 'abc123',
@@ -102,6 +104,7 @@ describe('doctor report rendering', () => {
       issues: [],
     }));
 
+    expect(text).toContain('[OK] Extension installed (Chrome)');
     expect(text).toContain('[OK] Environment token: configured (fp1)');
     expect(text).toContain('[OK] /tmp/mcp.json');
     expect(text).toContain('configured (fp1)');
@@ -113,6 +116,8 @@ describe('doctor report rendering', () => {
       envFingerprint: 'fp1',
       extensionToken: null,
       extensionFingerprint: null,
+      extensionInstalled: false,
+      extensionBrowsers: [],
       shellFiles: [{ path: '/tmp/.zshrc', exists: true, token: 'def456', fingerprint: 'fp2' }],
       configs: [{ path: '/tmp/mcp.json', exists: true, format: 'json', token: 'abc123', fingerprint: 'fp1', writable: true }],
       recommendedToken: 'abc123',
@@ -121,10 +126,50 @@ describe('doctor report rendering', () => {
       issues: ['Detected inconsistent Playwright MCP tokens across env/config files.'],
     }));
 
+    expect(text).toContain('[MISSING] Extension not installed in any browser');
     expect(text).toContain('[MISMATCH] Environment token: configured (fp1)');
     expect(text).toContain('[MISMATCH] /tmp/.zshrc');
     expect(text).toContain('configured (fp2)');
     expect(text).toContain('[MISMATCH] Recommended token fingerprint: fp1');
   });
+
+  it('renders connectivity OK when live test succeeds', () => {
+    const text = strip(renderBrowserDoctorReport({
+      envToken: 'abc123',
+      envFingerprint: 'fp1',
+      extensionToken: 'abc123',
+      extensionFingerprint: 'fp1',
+      extensionInstalled: true,
+      extensionBrowsers: ['Chrome'],
+      shellFiles: [],
+      configs: [],
+      recommendedToken: 'abc123',
+      recommendedFingerprint: 'fp1',
+      connectivity: { ok: true, durationMs: 1234 },
+      warnings: [],
+      issues: [],
+    }));
+
+    expect(text).toContain('[OK] Browser connectivity: connected in 1.2s');
+  });
+
+  it('renders connectivity WARN when not tested', () => {
+    const text = strip(renderBrowserDoctorReport({
+      envToken: 'abc123',
+      envFingerprint: 'fp1',
+      extensionToken: 'abc123',
+      extensionFingerprint: 'fp1',
+      extensionInstalled: true,
+      extensionBrowsers: ['Chrome'],
+      shellFiles: [],
+      configs: [],
+      recommendedToken: 'abc123',
+      recommendedFingerprint: 'fp1',
+      warnings: [],
+      issues: [],
+    }));
+
+    expect(text).toContain('[WARN] Browser connectivity: not tested (use --live)');
+  });
 });
 

package/src/doctor.ts

@@ -1,7 +1,7 @@
 import * as fs from 'node:fs';
 import * as os from 'node:os';
 import * as path from 'node:path';
-import { execSync } from 'node:child_process';
+
 import { createInterface } from 'node:readline/promises';
 import { stdin as input, stdout as output } from 'node:process';
 import chalk from 'chalk';
@@ -16,6 +16,7 @@ const TOKEN_LINE_RE = /^(\s*export\s+PLAYWRIGHT_MCP_EXTENSION_TOKEN=)(['"]?)([^'
 export type DoctorOptions = {
   fix?: boolean;
   yes?: boolean;
+  live?: boolean;
   shellRc?: string;
   configPaths?: string[];
   token?: string;
@@ -41,16 +42,25 @@ export type McpConfigStatus = {
   parseError?: string;
 };
 
+export type ConnectivityResult = {
+  ok: boolean;
+  error?: string;
+  durationMs: number;
+};
+
 export type DoctorReport = {
   cliVersion?: string;
   envToken: string | null;
   envFingerprint: string | null;
   extensionToken: string | null;
   extensionFingerprint: string | null;
+  extensionInstalled: boolean;
+  extensionBrowsers: string[];
   shellFiles: ShellFileStatus[];
   configs: McpConfigStatus[];
   recommendedToken: string | null;
   recommendedFingerprint: string | null;
+  connectivity?: ConnectivityResult;
   warnings: string[];
   issues: string[];
 };
@@ -147,7 +157,7 @@ function readJsonConfigToken(content: string): string | null {
 function readTokenFromJsonObject(parsed: any): string | null {
   const direct = parsed?.mcpServers?.[PLAYWRIGHT_SERVER_NAME]?.env?.[PLAYWRIGHT_TOKEN_ENV];
   if (typeof direct === 'string' && direct) return direct;
-  const opencode = parsed?.mcp?.[PLAYWRIGHT_SERVER_NAME]?.env?.[PLAYWRIGHT_TOKEN_ENV];
+  const opencode = parsed?.mcp?.[PLAYWRIGHT_SERVER_NAME]?.environment?.[PLAYWRIGHT_TOKEN_ENV];
   if (typeof opencode === 'string' && opencode) return opencode;
   return null;
 }
@@ -168,8 +178,8 @@ export function upsertJsonConfigToken(content: string, token: string): string {
       enabled: true,
       type: 'local',
     };
-    parsed.mcp[PLAYWRIGHT_SERVER_NAME].env = parsed.mcp[PLAYWRIGHT_SERVER_NAME].env ?? {};
-    parsed.mcp[PLAYWRIGHT_SERVER_NAME].env[PLAYWRIGHT_TOKEN_ENV] = token;
+    parsed.mcp[PLAYWRIGHT_SERVER_NAME].environment = parsed.mcp[PLAYWRIGHT_SERVER_NAME].environment ?? {};
+    parsed.mcp[PLAYWRIGHT_SERVER_NAME].environment[PLAYWRIGHT_TOKEN_ENV] = token;
   }
   return `${JSON.stringify(parsed, null, 2)}\n`;
 }
@@ -256,8 +266,11 @@ function readConfigStatus(filePath: string): McpConfigStatus {
  * Discover the auth token stored by the Playwright MCP Bridge extension
  * by scanning Chrome's LevelDB localStorage files directly.
  *
- * Uses `strings` + `grep` for fast binary scanning on macOS/Linux,
- * with a pure-Node fallback on Windows.
+ * Reads LevelDB .ldb/.log files as raw binary and searches for the
+ * extension ID near base64url token values. This works reliably across
+ * platforms because LevelDB's internal encoding can split ASCII strings
+ * like "auth-token" and the extension ID across byte boundaries, making
+ * text-based tools like `strings` + `grep` unreliable.
  */
 export function discoverExtensionToken(): string | null {
   const home = os.homedir();
@@ -286,7 +299,6 @@ export function discoverExtensionToken(): string | null {
   }
 
   const profiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3'];
-  // Token is 43 chars of base64url (from 32 random bytes)
   const tokenRe = /([A-Za-z0-9_-]{40,50})/;
 
   for (const base of bases) {
@@ -294,14 +306,6 @@ export function discoverExtensionToken(): string | null {
       const dir = path.join(base, profile, 'Local Storage', 'leveldb');
       if (!fileExists(dir)) continue;
 
-      // Fast path: use strings + grep to find candidate files and extract token
-      if (platform !== 'win32') {
-        const token = extractTokenViaStrings(dir, tokenRe);
-        if (token) return token;
-        continue;
-      }
-
-      // Slow path (Windows): read binary files directly
       const token = extractTokenViaBinaryRead(dir, tokenRe);
       if (token) return token;
     }
@@ -310,39 +314,20 @@ export function discoverExtensionToken(): string | null {
   return null;
 }
 
-function extractTokenViaStrings(dir: string, tokenRe: RegExp): string | null {
-  try {
-    // Single shell pipeline: for each LevelDB file, extract strings, find lines
-    // after the extension ID, and filter for base64url token pattern.
-    //
-    // LevelDB `strings` output for the extension's auth-token entry:
-    //   auth-token                                    ← key name
-    //   4,mmlmfjhmonkocbjadbfplnigmagldckm.7          ← LevelDB internal key
-    //   hqI86ncsD1QpcVcj-k9CyzTF-ieCQd_4KreZ_wy1WHA  ← token value
-    //
-    // We get the line immediately after any EXTENSION_ID mention and check
-    // if it looks like a base64url token (40-50 chars, [A-Za-z0-9_-]).
-    const shellDir = dir.replace(/'/g, "'\\''");
-    const cmd = `for f in '${shellDir}'/*.ldb '${shellDir}'/*.log; do ` +
-      `[ -f "$f" ] && strings "$f" 2>/dev/null | ` +
-      `grep -A1 '${PLAYWRIGHT_EXTENSION_ID}' | ` +
-      `grep -v '${PLAYWRIGHT_EXTENSION_ID}' | ` +
-      `grep -E '^[A-Za-z0-9_-]{40,50}$' | head -1; ` +
-      `done 2>/dev/null`;
-    const result = execSync(cmd, { encoding: 'utf-8', timeout: 10000 }).trim();
-
-    // Take the first non-empty line
-    for (const line of result.split('\n')) {
-      const token = line.trim();
-      if (token && validateBase64urlToken(token)) return token;
-    }
-  } catch {}
-  return null;
-}
-
 function extractTokenViaBinaryRead(dir: string, tokenRe: RegExp): string | null {
+  // LevelDB fragments strings across byte boundaries, so we can't search
+  // for the full extension ID or "auth-token" as contiguous ASCII. Instead,
+  // search for a short prefix of the extension ID that reliably appears as
+  // contiguous bytes, then scan a window around each match for a base64url
+  // token value.
+  //
+  // Observed LevelDB layout near the auth-token entry:
+  //   ... auth-t<binary> ... 4,mmlmfjh<binary>Pocbjadbfplnigmagldckm.7 ...
+  //   <binary> hqI86ncsD1QpcVcj-k9CyzTF-ieCQd_4KreZ_wy1WHA <binary> ...
+  //
+  // The extension ID prefix "mmlmfjh" appears ~44 bytes before the token.
   const extIdBuf = Buffer.from(PLAYWRIGHT_EXTENSION_ID);
-  const keyBuf = Buffer.from('auth-token');
+  const extIdPrefix = Buffer.from(PLAYWRIGHT_EXTENSION_ID.slice(0, 7)); // "mmlmfjh"
 
   let files: string[];
   try {
@@ -351,7 +336,7 @@ function extractTokenViaBinaryRead(dir: string, tokenRe: RegExp): string | null
       .map(f => path.join(dir, f));
   } catch { return null; }
 
-  // Sort by mtime descending
+  // Sort by mtime descending so we find the freshest token first
   files.sort((a, b) => {
     try { return fs.statSync(b).mtimeMs - fs.statSync(a).mtimeMs; } catch { return 0; }
   });
@@ -360,14 +345,30 @@ function extractTokenViaBinaryRead(dir: string, tokenRe: RegExp): string | null
     let data: Buffer;
     try { data = fs.readFileSync(file); } catch { continue; }
 
-    // Quick check: does file contain both the extension ID and auth-token key?
-    const extPos = data.indexOf(extIdBuf);
-    if (extPos === -1) continue;
-    const keyPos = data.indexOf(keyBuf, Math.max(0, extPos - 500));
-    if (keyPos === -1) continue;
+    // Quick check: file must contain at least the prefix
+    if (data.indexOf(extIdPrefix) === -1) continue;
 
-    // Scan for token value after auth-token key
+    // Strategy 1: scan after each occurrence of the extension ID prefix
+    // for base64url tokens within a 500-byte window
     let idx = 0;
+    while (true) {
+      const pos = data.indexOf(extIdPrefix, idx);
+      if (pos === -1) break;
+
+      const scanStart = pos;
+      const scanEnd = Math.min(data.length, pos + 500);
+      const window = data.subarray(scanStart, scanEnd).toString('latin1');
+      const m = window.match(tokenRe);
+      if (m && validateBase64urlToken(m[1])) {
+        // Make sure this isn't another extension ID that happens to match
+        if (m[1] !== PLAYWRIGHT_EXTENSION_ID) return m[1];
+      }
+      idx = pos + 1;
+    }
+
+    // Strategy 2 (fallback): original approach using full extension ID + auth-token key
+    const keyBuf = Buffer.from('auth-token');
+    idx = 0;
     while (true) {
       const kp = data.indexOf(keyBuf, idx);
       if (kp === -1) break;
@@ -393,6 +394,69 @@ function validateBase64urlToken(token: string): boolean {
 }
 
 
+/**
+ * Check whether the Playwright MCP Bridge extension is installed in any browser.
+ * Scans Chrome/Chromium/Edge Extensions directories for the known extension ID.
+ */
+export function checkExtensionInstalled(): { installed: boolean; browsers: string[] } {
+  const home = os.homedir();
+  const platform = os.platform();
+  const browserDirs: Array<{ name: string; base: string }> = [];
+
+  if (platform === 'darwin') {
+    browserDirs.push(
+      { name: 'Chrome', base: path.join(home, 'Library', 'Application Support', 'Google', 'Chrome') },
+      { name: 'Chrome Canary', base: path.join(home, 'Library', 'Application Support', 'Google', 'Chrome Canary') },
+      { name: 'Chromium', base: path.join(home, 'Library', 'Application Support', 'Chromium') },
+      { name: 'Edge', base: path.join(home, 'Library', 'Application Support', 'Microsoft Edge') },
+    );
+  } else if (platform === 'linux') {
+    browserDirs.push(
+      { name: 'Chrome', base: path.join(home, '.config', 'google-chrome') },
+      { name: 'Chromium', base: path.join(home, '.config', 'chromium') },
+      { name: 'Edge', base: path.join(home, '.config', 'microsoft-edge') },
+    );
+  } else if (platform === 'win32') {
+    const appData = process.env.LOCALAPPDATA || path.join(home, 'AppData', 'Local');
+    browserDirs.push(
+      { name: 'Chrome', base: path.join(appData, 'Google', 'Chrome', 'User Data') },
+      { name: 'Edge', base: path.join(appData, 'Microsoft', 'Edge', 'User Data') },
+    );
+  }
+
+  const profiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3'];
+  const foundBrowsers: string[] = [];
+
+  for (const { name, base } of browserDirs) {
+    for (const profile of profiles) {
+      const extDir = path.join(base, profile, 'Extensions', PLAYWRIGHT_EXTENSION_ID);
+      if (fileExists(extDir)) {
+        foundBrowsers.push(name);
+        break; // one match per browser is enough
+      }
+    }
+  }
+
+  return { installed: foundBrowsers.length > 0, browsers: [...new Set(foundBrowsers)] };
+}
+
+/**
+ * Test token connectivity by attempting a real MCP connection.
+ * Connects, does the JSON-RPC handshake, and immediately closes.
+ */
+export async function checkTokenConnectivity(opts?: { timeout?: number }): Promise<ConnectivityResult> {
+  const timeout = opts?.timeout ?? 8;
+  const start = Date.now();
+  try {
+    const mcp = new PlaywrightMCP();
+    await mcp.connect({ timeout });
+    await mcp.close();
+    return { ok: true, durationMs: Date.now() - start };
+  } catch (err: any) {
+    return { ok: false, error: err?.message ?? String(err), durationMs: Date.now() - start };
+  }
+}
+
 export async function runBrowserDoctor(opts: DoctorOptions = {}): Promise<DoctorReport> {
   const envToken = process.env[PLAYWRIGHT_TOKEN_ENV] ?? null;
   const shellPath = opts.shellRc ?? getDefaultShellRcPath();
@@ -418,24 +482,38 @@ export async function runBrowserDoctor(opts: DoctorOptions = {}): Promise<Doctor
   const uniqueTokens = [...new Set(allTokens)];
   const recommendedToken = opts.token ?? extensionToken ?? envToken ?? (uniqueTokens.length === 1 ? uniqueTokens[0] : null) ?? null;
 
+  // Check extension installation
+  const extInstall = checkExtensionInstalled();
+
+  // Connectivity test (only when --live)
+  let connectivity: ConnectivityResult | undefined;
+  if (opts.live) {
+    connectivity = await checkTokenConnectivity();
+  }
+
   const report: DoctorReport = {
     cliVersion: opts.cliVersion,
     envToken,
     envFingerprint: getTokenFingerprint(envToken ?? undefined),
     extensionToken,
     extensionFingerprint: getTokenFingerprint(extensionToken ?? undefined),
+    extensionInstalled: extInstall.installed,
+    extensionBrowsers: extInstall.browsers,
     shellFiles,
     configs,
     recommendedToken,
     recommendedFingerprint: getTokenFingerprint(recommendedToken ?? undefined),
+    connectivity,
     warnings: [],
     issues: [],
   };
 
+  if (!extInstall.installed) report.issues.push('Playwright MCP Bridge extension is not installed in any browser.');
   if (!envToken) report.issues.push(`Current environment is missing ${PLAYWRIGHT_TOKEN_ENV}.`);
   if (!shellFiles.some(s => s.token)) report.issues.push('Shell startup file does not export PLAYWRIGHT_MCP_EXTENSION_TOKEN.');
   if (!configs.some(c => c.token)) report.issues.push('No scanned MCP config currently contains a Playwright extension token.');
   if (uniqueTokens.length > 1) report.issues.push('Detected inconsistent Playwright MCP tokens across env/config files.');
+  if (connectivity && !connectivity.ok) report.issues.push(`Browser connectivity test failed: ${connectivity.error ?? 'unknown'}`);
   for (const config of configs) {
     if (config.parseError) report.warnings.push(`Could not parse ${config.path}: ${config.parseError}`);
   }
@@ -456,6 +534,12 @@ export function renderBrowserDoctorReport(report: DoctorReport): string {
   const hasMismatch = uniqueFingerprints.length > 1;
   const lines = [chalk.bold(`opencli v${report.cliVersion ?? 'unknown'} doctor`), ''];
 
+  const installStatus: ReportStatus = report.extensionInstalled ? 'OK' : 'MISSING';
+  const installDetail = report.extensionInstalled
+    ? `Extension installed (${report.extensionBrowsers.join(', ')})`
+    : 'Extension not installed in any browser';
+  lines.push(statusLine(installStatus, installDetail));
+
   const extStatus: ReportStatus = !report.extensionToken ? 'MISSING' : hasMismatch ? 'MISMATCH' : 'OK';
   lines.push(statusLine(extStatus, `Extension token (Chrome LevelDB): ${tokenSummary(report.extensionToken, report.extensionFingerprint)}`));
 
@@ -489,6 +573,18 @@ export function renderBrowserDoctorReport(report: DoctorReport): string {
   }
   if (missingConfigCount > 0) lines.push(chalk.dim(`     Other scanned config locations not present: ${missingConfigCount}`));
   lines.push('');
+
+  // Connectivity result
+  if (report.connectivity) {
+    const connStatus: ReportStatus = report.connectivity.ok ? 'OK' : 'WARN';
+    const connDetail = report.connectivity.ok
+      ? `Browser connectivity: connected in ${(report.connectivity.durationMs / 1000).toFixed(1)}s`
+      : `Browser connectivity: failed (${report.connectivity.error ?? 'unknown'})`;
+    lines.push(statusLine(connStatus, connDetail));
+  } else {
+    lines.push(statusLine('WARN', 'Browser connectivity: not tested (use --live)'));
+  }
+
   lines.push(statusLine(
     hasMismatch ? 'MISMATCH' : report.recommendedToken ? 'OK' : 'WARN',
     `Recommended token fingerprint: ${report.recommendedFingerprint ?? 'unavailable'}`,

package/src/main.ts

@@ -100,12 +100,13 @@ program.command('doctor')
   .option('--fix', 'Apply suggested fixes to shell rc and detected MCP configs', false)
   .option('-y, --yes', 'Skip confirmation prompts when applying fixes', false)
   .option('--token <token>', 'Override token to write instead of auto-detecting')
+  .option('--live', 'Test browser connectivity (requires Chrome running)', false)
   .option('--shell-rc <path>', 'Shell startup file to update')
   .option('--mcp-config <paths>', 'Comma-separated MCP config paths to scan/update')
   .action(async (opts) => {
     const { runBrowserDoctor, renderBrowserDoctorReport, applyBrowserDoctorFix } = await import('./doctor.js');
     const configPaths = opts.mcpConfig ? String(opts.mcpConfig).split(',').map((s: string) => s.trim()).filter(Boolean) : undefined;
-    const report = await runBrowserDoctor({ token: opts.token, shellRc: opts.shellRc, configPaths, cliVersion: PKG_VERSION });
+    const report = await runBrowserDoctor({ token: opts.token, live: opts.live, shellRc: opts.shellRc, configPaths, cliVersion: PKG_VERSION });
     console.log(renderBrowserDoctorReport(report));
     if (opts.fix) {
       const written = await applyBrowserDoctorFix(report, { fix: true, yes: opts.yes, token: opts.token, shellRc: opts.shellRc, configPaths });