← Back to Skills Marketplace
622
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install markdown-extract
Description
Extract clean markdown from any URL using auto, AI, or browser methods via the markdown.new API with error handling and flexible extraction options.
Usage Guidance
Before installing, note these points: (1) The Python script uses the system 'curl' command but the skill metadata does not declare it—ensure curl is available or update the manifest. (2) All requests (the requested URL and any fetched content) are sent to markdown.new; verify you trust that endpoint and avoid using the skill on sensitive or internal URLs. (3) Because the skill fetches arbitrary URLs, there is an SSRF/data-exposure risk if the agent runs in an environment with access to internal services. (4) The code uses subprocess.run with argument lists (not a shell string), which reduces shell-injection risk, but still review the script before granting execution. If you want to proceed, test with non-sensitive public pages and consider adding an explicit required-binaries entry for 'curl' and a manifest note about external data transmission.
Capability Analysis
Type: OpenClaw Skill
Name: markdown-extract
Version: 1.0.0
The skill's code and documentation are benign. The `SKILL.md` file provides clear, non-malicious instructions for using the skill. The `extract.py` script correctly uses `subprocess.run` with a list of arguments for `curl`, which prevents shell injection vulnerabilities from user-controlled input. The skill's functionality is limited to making HTTP requests to the `https://markdown.new/` API, as described, and does not attempt to access sensitive local data, exfiltrate information, or establish persistence. While the skill relies on an external API, its own implementation does not introduce vulnerabilities or malicious behavior.
Capability Assessment
Purpose & Capability
Name/description align with what the code and SKILL.md do: they call https://markdown.new to convert pages to markdown. However the Python implementation invokes the external 'curl' binary but the skill metadata declares no required binaries—this is an incoherence (the runtime actually needs 'curl' available).
Instruction Scope
SKILL.md and extract.py confine themselves to making HTTP requests to markdown.new (GET or POST) and returning the markdown or error. They do not read local files, environment variables, or unrelated system configuration. Error handling and Cloudflare-block detection are limited but present.
Install Mechanism
There is no install specification (instruction-only), which is low-risk. The package does include a runnable Python script but does not attempt to download or install external code at install time.
Credentials
The skill requests no credentials or env vars, which is appropriate; however it will send the target URL (and for POST flows likely the page content or a request to fetch it) to markdown.new. That can leak URLs or page content to a third party. Also, the code requires the 'curl' binary but does not declare it. Finally, because the skill fetches arbitrary URLs, it can be used (by the user or an autonomous agent) to probe internal endpoints or expose internal content (SSRF / data-leak risk) if run in an environment with access to internal network ranges.
Persistence & Privilege
The skill does not request persistent system privileges, does not set 'always: true', and does not modify other skills or system-wide configuration.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install markdown-extract - After installation, invoke the skill by name or use
/markdown-extract - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of markdown-extract skill.
- Extracts clean markdown from any URL via the markdown.new API.
- Supports multiple extraction methods: auto (default), ai, and browser.
- Simple usage command: !markdown-extract <url> [method].
- Handles errors gracefully, including invalid URLs, network issues, and Cloudflare blocks.
- Provides example commands and detailed method descriptions.
Metadata
Frequently Asked Questions
What is markdown-extract?
Extract clean markdown from any URL using auto, AI, or browser methods via the markdown.new API with error handling and flexible extraction options. It is an AI Agent Skill for Claude Code / OpenClaw, with 622 downloads so far.
How do I install markdown-extract?
Run "/install markdown-extract" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is markdown-extract free?
Yes, markdown-extract is completely free (open-source). You can download, install and use it at no cost.
Which platforms does markdown-extract support?
markdown-extract is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created markdown-extract?
It is built and maintained by aviclaw (@aviclaw); the current version is v1.0.0.
More Skills