← Back to Skills Marketplace

URL Fetcher

Name: URL Fetcher
Author: johstracke

by johstracke · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

1453

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install url-fetcher

Description

Fetch and save web content using only Python stdlib with URL and path validation, basic HTML-to-markdown conversion, and no API keys or external dependencies.

Usage Guidance

This skill appears to do what it says (fetch pages, basic HTML→MD conversion) and uses only Python stdlib, but its security checks are incomplete. Before installing or enabling autonomous use: - Review the code yourself (or have a developer do so). Pay attention to the URL validation and path checks. - Do not allow the agent to fetch arbitrary user-provided URLs without restrictions — the script does not prevent requests to private IP ranges or domains that resolve to internal addresses (SSRF risk). - Prefer running the script in a sandbox or container and avoid giving it broad autonomous invocation rights for open-ended inputs. - If you plan to save output files, prefer restricting outputs to a dedicated workspace directory (remove Path.home() from SAFE_PATHS or replace it with a specific workspace path) and implement robust path checks (resolve and ensure the final path is inside an allowlist directory; avoid substring-based blocklists). - Consider hardening URL checks: resolve hostnames and validate the resulting IP is public; explicitly block 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, link-local and other reserved ranges. If you cannot review/modify the code, treat this skill as untrusted and run only in an isolated environment. These weaknesses look like sloppy/insufficient validation rather than intentional harm, but they materially increase risk, so exercise caution.

Capability Analysis

Type: OpenClaw Skill Name: url-fetcher Version: 1.0.0 The skill is classified as benign. It provides a simple URL fetching utility using only Python's standard library. The code includes explicit and robust security measures, such as `is_safe_path()` in `scripts/url_fetcher.py` to prevent file writes to sensitive system directories or dotfiles (e.g., ~/.ssh, /etc), and URL validation to block `file://`, `data://`, `javascript:` schemes, as well as explicit localhost/internal IP addresses. The `SKILL.md` documentation clearly outlines these security features and limitations, and does not contain any prompt injection attempts or instructions for malicious behavior. While there's a theoretical, more advanced SSRF bypass possible via DNS resolution to internal IPs, the skill actively attempts to prevent SSRF for common cases and its overall design demonstrates a clear intent for secure operation within its stated purpose.

Capability Assessment

✓ Purpose & Capability

Name, SKILL.md, and the included script are aligned: the code fetches HTTP/HTTPS pages, can convert basic HTML to markdown, and can write output files. No unrelated credentials, binaries, or installs are requested.

⚠ Instruction Scope

SKILL.md claims robust URL and path validation and blocks internal hosts. The script attempts such checks, but they are incomplete: it only blocks a short hostname list (localhost, 127.0.0.1, ::1, 0.0.0.0) and does not detect or block private IP ranges (10/8, 172.16/12, 192.168/16) or domains that resolve to internal addresses — so SSRF / internal scanning risks remain. Path validation allows any path under the user's home directory (Path.home()), relying on substring checks to exclude some dotfiles; substring blocking is brittle and can be bypassed. The skill does not access any other system files/credentials, nor does SKILL.md instruct the agent to do so.

✓ Install Mechanism

No install spec and no external package downloads; the bundle contains a Python script using only the stdlib. This is low-risk versus remote installers or archives.

✓ Credentials

The skill requests no environment variables, credentials, or config paths. The script performs network requests only to user-provided URLs and writes to user-supplied file paths, which is proportional to its purpose.

✓ Persistence & Privilege

The skill is not forced-always, and it does not modify other skills or global agent settings. Autonomous invocation is allowed by default but not by itself a reason for concern; consider limiting autonomous URL fetching if you plan to enable it.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install url-fetcher
After installation, invoke the skill by name or use /url-fetcher
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release - Zero-dependency web content fetching. Uses Python stdlib (urllib) only - no API keys, no pip install. Features: fetch HTML/text from URLs, basic HTML to markdown conversion, path-validated file writes, URL validation (blocks localhost/internal). Security: is_safe_path() prevents malicious file writes to system paths and sensitive dotfiles.

Metadata

Slug url-fetcher

Version 1.0.0

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is URL Fetcher?

Fetch and save web content using only Python stdlib with URL and path validation, basic HTML-to-markdown conversion, and no API keys or external dependencies. It is an AI Agent Skill for Claude Code / OpenClaw, with 1453 downloads so far.

How do I install URL Fetcher?

Run "/install url-fetcher" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is URL Fetcher free?

Yes, URL Fetcher is completely free (open-source). You can download, install and use it at no cost.

Which platforms does URL Fetcher support?

URL Fetcher is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created URL Fetcher?

It is built and maintained by johstracke (@johstracke); the current version is v1.0.0.

More Skills