← Back to Skills Marketplace

Safe Smart Web Fetch

Name: Safe Smart Web Fetch
Author: zqh2333

by Qihong · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ Security Clean

129

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install safe-smart-web-fetch

Description

安全网页抓取技能。获取网页内容时，默认先判断 URL 是否可能包含 token、是否为内网/本地域名、是否为私密链接；这三类一律不走第三方清洗服务，只走直接抓取。其余公开网页可按顺序尝试 Jina Reader、markdown.new、defuddle.md 获取干净 Markdown，失败再回退原始抓取。

Usage Guidance

This skill appears coherent and does what it says: it classifies URLs and, for public pages, tries third‑party cleaners before falling back to original fetch. Before installing or running it against sensitive content, consider: 1) review and, if necessary, replace or restrict the third‑party endpoints (r.jina.ai, markdown.new, defuddle.md) to services you trust or to an internal sanitizer; 2) test the classifier against representative internal/private URLs to confirm it blocks them from third‑party calls (heuristics may miss uncommon token names or edge hostnames); and 3) if you need stronger guarantees, add explicit allow/deny lists or require explicit user confirmation before sending any URL containing query parameters or single‑label hosts to external services.

Capability Analysis

Type: OpenClaw Skill Name: safe-smart-web-fetch Version: 1.0.0 The skill provides a utility for fetching web content while implementing privacy safeguards. The script `scripts/fetch.py` includes logic to detect sensitive URLs (containing tokens, session IDs, or administrative paths) and private network addresses (localhost, private IP ranges, internal hostnames), ensuring these are fetched directly rather than being sent to third-party Markdown conversion services like Jina Reader (r.jina.ai), markdown.new, or defuddle.md. The implementation uses standard Python libraries and aligns perfectly with the safety-oriented instructions in `SKILL.md`.

Capability Tags

requires-oauth-token

Capability Assessment

✓ Purpose & Capability

Name/description, SKILL.md, and the included Python script all implement the same functionality: classify URLs as private/sensitive or public, and for public pages attempt third‑party 'cleaners' before falling back to raw fetch. No unrelated credentials, binaries, or config paths are requested.

ℹ Instruction Scope

Instructions and script only perform URL classification and HTTP(S) fetches, and call the listed third‑party cleaners (r.jina.ai, markdown.new, defuddle.md) for public pages. They do not read local files or environment variables. However, URL classification is heuristic; misclassification (false negatives in sensitive detection) could cause an otherwise-sensitive URL to be sent to external services, which is a privacy risk. The SKILL.md states the intended protections and the code implements them, but these are heuristic protections, not provably complete.

✓ Install Mechanism

No install spec; it's an instruction/script-only skill that runs with standard Python stdlib modules (urllib, ssl, ipaddress). Nothing is downloaded or written to disk at install time.

✓ Credentials

The skill requests no environment variables, credentials, or config paths. All network calls are to the target URL or to the explicit third‑party cleaner endpoints documented in the SKILL.md; these calls are coherent with the stated purpose.

✓ Persistence & Privilege

Skill does not request permanent/always inclusion, does not alter global OpenClaw configuration, and contains no mechanism to persist new credentials or modify other skills. Default autonomous invocation is allowed but not combined with other concerning privileges.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install safe-smart-web-fetch
After installation, invoke the skill by name or use /safe-smart-web-fetch
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release: safe web fetch with private-link protection and third-party cleaning only for public pages

Metadata

Slug safe-smart-web-fetch

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Safe Smart Web Fetch?

安全网页抓取技能。获取网页内容时，默认先判断 URL 是否可能包含 token、是否为内网/本地域名、是否为私密链接；这三类一律不走第三方清洗服务，只走直接抓取。其余公开网页可按顺序尝试 Jina Reader、markdown.new、defuddle.md 获取干净 Markdown，失败再回退原始抓取。 It is an AI Agent Skill for Claude Code / OpenClaw, with 129 downloads so far.

How do I install Safe Smart Web Fetch?

Run "/install safe-smart-web-fetch" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Safe Smart Web Fetch free?

Yes, Safe Smart Web Fetch is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Safe Smart Web Fetch support?

Safe Smart Web Fetch is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Safe Smart Web Fetch?

It is built and maintained by Qihong (@zqh2333); the current version is v1.0.0.

More Skills