feat(skills): add notte skill (Notte Functions + vault auth)

[sam-notte]

What

Adds skills/notte/SKILL.md, a bundled skill that teaches the agent to drive Notte (notte.cc): hosted browser infrastructure with Functions (deploy a browser flow as a serverless, scheduled, API-callable endpoint), vault-backed logins, captcha-solving stealth sessions, and a natural-language agent runtime.

Single-file change. No code, no deps, no config. Conventions match skills/notion/SKILL.md and skills/mcporter/SKILL.md (frontmatter shape, metadata.bitterbot.{emoji, requires.bins, install}).

Why

Bitterbot already has two browser-side capabilities, each in its own lane:

• The bundled browser tool (src/browser/, Playwright + CDP) handles routine navigation, snapshots, and AI-action mode against the user's Chromium.
• Firecrawl via web_fetch (docs/tools/firecrawl.md) handles single-page stealth fetch with proxy: stealth for sites that block plain HTTP.

The notte skill sits alongside both, filling three further lanes:

1. Functions (the headline). Deploy a browser script as an API endpoint with a cron schedule: notte agents workflow-code, then notte functions create, then notte functions schedule-set. Structurally similar to the dream engine's crystallisation of execution paths into reusable skills, except the execution surface is a deterministic Function rather than an agent re-run on each invocation. Marketplace-listable skills can settle into a faster, cheaper, more predictable runtime.

2. Vault-backed credentials. Addresses the gap docs/tools/browser-login.md flags: "Automated logins often trigger anti-bot defenses and can lock the account." Notte's vault auto-fills passwords on matching URLs without exposing them to the model, which unblocks unattended dream-engine cycles where there is no user awake to log in manually.

3. Multi-step stealth sessions. Residential proxies, geo-located exits, inline captcha solving across Cloudflare, DataDome, PerimeterX, and Akamai. Distinct from Firecrawl's single-page lane in that the session persists across navigation, clicks, form fills, and downloads, which is what authenticated workflows need.

Positioned as complementary: routine browsing stays in src/browser/, single-page stealth reads stay with Firecrawl, the notte skill adds the deployment layer plus the multi-step authenticated path.

How

• skills/notte/SKILL.md, frontmatter plus markdown, follows the same conventions as skills/notion, skills/mcporter, skills/github.
• metadata.bitterbot.requires.bins: ["notte"] so the skill is gated behind binary presence.
• metadata.bitterbot.install lists both brew (via the nottelabs/notte-cli tap) and go install paths, matching the pattern used in skills/github and skills/spotify-player.
• An MCP-only path (notte-mcp via the existing mcporter skill) is also documented for users who would rather not install the CLI.

Test plan

• pnpm build passes
• Skill is discoverable: bitterbot skills list includes notte
• Skill is gated correctly: notte not on PATH means the skill is filtered out
• Skill loads with valid YAML frontmatter (validates against src/plugins/schema-validator.ts)

Notes

• Disclosure: I am a maintainer at nottelabs. Happy to land it under whatever attribution rules you prefer.
• The skill is also published as the official AgentSkills listing at github.com/nottelabs/agent-skill-notte. The bundled version here is CLI-first to match Bitterbot's other shell-tool skills; the AgentSkills version is Python-SDK-first.
• If you would rather not bundle, the direct-URL import form works today: bitterbot skills import agentskills https://github.com/nottelabs/agent-skill-notte/raw/main/notte/SKILL.md. Happy to drop this PR if that path is cleaner.
• We're shipping the same provider pattern to NousResearch/hermes-agent (126K stars). Implementation is staged at nottelabs/notte#758 (open PR with provider class, unit tests, and integration guide for the upstream PR — Mendral-approved, in final CI). Same approach as their existing Browserbase / Browser Use / Firecrawl / Camofox providers: complementary, one file, no deps.

[sam-notte]

Hi Victor,

Thanks for the clean merge, much appreciated. A few things in case useful:

1. The CLI your bundled skill drives is github.com/nottelabs/notte-cli; the main Notte repo (Python SDK, agent runtime, notte-mcp server) lives at github.com/nottelabs/notte. Both expose the same Notte Functions surface, and the patterns line up cleanly: Bitterbot's dream engine wants recurring browser actions, and Notte Functions provide the deployment plus cron surface for them.

2. If you'd like a docs/tools/notte.md page in the same shape as docs/tools/firecrawl.md (config block, env vars, integration notes), I'm happy to write it. Single doc page, no code.

3. Anything you'd like tweaked in the skill copy (tone, scope, length), happy to follow up.

Cheers,
Sam
sam@notte.cc