← 返回 Skills 市场
zqh2333

Safe Smart Web Fetch

作者 Qihong · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
129
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install safe-smart-web-fetch
功能描述
安全网页抓取技能。获取网页内容时,默认先判断 URL 是否可能包含 token、是否为内网/本地域名、是否为私密链接;这三类一律不走第三方清洗服务,只走直接抓取。其余公开网页可按顺序尝试 Jina Reader、markdown.new、defuddle.md 获取干净 Markdown,失败再回退原始抓取。
安全使用建议
This skill appears coherent and does what it says: it classifies URLs and, for public pages, tries third‑party cleaners before falling back to original fetch. Before installing or running it against sensitive content, consider: 1) review and, if necessary, replace or restrict the third‑party endpoints (r.jina.ai, markdown.new, defuddle.md) to services you trust or to an internal sanitizer; 2) test the classifier against representative internal/private URLs to confirm it blocks them from third‑party calls (heuristics may miss uncommon token names or edge hostnames); and 3) if you need stronger guarantees, add explicit allow/deny lists or require explicit user confirmation before sending any URL containing query parameters or single‑label hosts to external services.
功能分析
Type: OpenClaw Skill Name: safe-smart-web-fetch Version: 1.0.0 The skill provides a utility for fetching web content while implementing privacy safeguards. The script `scripts/fetch.py` includes logic to detect sensitive URLs (containing tokens, session IDs, or administrative paths) and private network addresses (localhost, private IP ranges, internal hostnames), ensuring these are fetched directly rather than being sent to third-party Markdown conversion services like Jina Reader (r.jina.ai), markdown.new, or defuddle.md. The implementation uses standard Python libraries and aligns perfectly with the safety-oriented instructions in `SKILL.md`.
能力标签
requires-oauth-token
能力评估
Purpose & Capability
Name/description, SKILL.md, and the included Python script all implement the same functionality: classify URLs as private/sensitive or public, and for public pages attempt third‑party 'cleaners' before falling back to raw fetch. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Instructions and script only perform URL classification and HTTP(S) fetches, and call the listed third‑party cleaners (r.jina.ai, markdown.new, defuddle.md) for public pages. They do not read local files or environment variables. However, URL classification is heuristic; misclassification (false negatives in sensitive detection) could cause an otherwise-sensitive URL to be sent to external services, which is a privacy risk. The SKILL.md states the intended protections and the code implements them, but these are heuristic protections, not provably complete.
Install Mechanism
No install spec; it's an instruction/script-only skill that runs with standard Python stdlib modules (urllib, ssl, ipaddress). Nothing is downloaded or written to disk at install time.
Credentials
The skill requests no environment variables, credentials, or config paths. All network calls are to the target URL or to the explicit third‑party cleaner endpoints documented in the SKILL.md; these calls are coherent with the stated purpose.
Persistence & Privilege
Skill does not request permanent/always inclusion, does not alter global OpenClaw configuration, and contains no mechanism to persist new credentials or modify other skills. Default autonomous invocation is allowed but not combined with other concerning privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install safe-smart-web-fetch
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /safe-smart-web-fetch 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: safe web fetch with private-link protection and third-party cleaning only for public pages
元数据
Slug safe-smart-web-fetch
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Safe Smart Web Fetch 是什么?

安全网页抓取技能。获取网页内容时,默认先判断 URL 是否可能包含 token、是否为内网/本地域名、是否为私密链接;这三类一律不走第三方清洗服务,只走直接抓取。其余公开网页可按顺序尝试 Jina Reader、markdown.new、defuddle.md 获取干净 Markdown,失败再回退原始抓取。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 129 次。

如何安装 Safe Smart Web Fetch?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install safe-smart-web-fetch」即可一键安装,无需额外配置。

Safe Smart Web Fetch 是免费的吗?

是的,Safe Smart Web Fetch 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Safe Smart Web Fetch 支持哪些平台?

Safe Smart Web Fetch 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Safe Smart Web Fetch?

由 Qihong(@zqh2333)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论