adamnaghs

Safe-Web

Author: AdamNaghs · GitHub ↗ · v1.0.8
cross-platform ✓ Security check passed
Total downloads: 1491
Favorites: 1
Current installs: 0
Versions: 9
Install in OpenClaw
/install safe-web
Description
Securely fetch and search web content by scanning and blocking prompt injection threats using PromptGuard before returning results.
Security usage recommendations
This skill appears coherent and implements what it claims: fetching HTML, extracting text, and scanning with PromptGuard. Before installing:
  1. Review and trust the PromptGuard dependency (it's the core scanner).
  2. Prefer a virtualenv/container rather than system-wide pip installs or --break-system-packages to avoid altering host Python.
  3. Be cautious before creating a system symlink or disabling native web tools; those change system behavior and may affect other workflows.
  4. Only provide BRAVE_API_KEY if you need search functionality and trust the environment.
  5. If you want extra assurance, inspect the prompt-guard code and run safe-web in an isolated environment to confirm no unexpected network exfiltration.
The pre-scan injection flag in the docs is explanatory, not an active instruction.
Functional analysis
Type: OpenClaw Skill
Name: safe-web
Version: 1.0.8
This skill is designed to enhance the security of an AI agent by providing a 'safe' web fetching and searching mechanism that scans content for prompt injection attacks using PromptGuard. The code (`scripts/safe-web.py`) correctly implements its stated purpose, including content sanitization (removing scripts/styles) and local scanning. It accesses the Brave Search API using an environment variable, which is standard, and can write fetched content to a user-specified file path, a common CLI feature. The documentation (`SKILL.md`, `README.md`) consistently promotes security, even recommending disabling native OpenClaw web tools to force the use of this secure alternative. There is no evidence of malicious intent such as data exfiltration, unauthorized command execution, persistence, or prompt injection against the agent itself; instead, the skill actively defends against such attacks.
Capability assessment
Purpose & Capability
Name and behavior align: the tool fetches HTML, extracts text, and scans with PromptGuard. Declared requirements (python3, prompt-guard, requests, beautifulsoup4, optional BRAVE_API_KEY) match the implemented functionality. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md and README contain only fetch/search/scanning instructions and install guidance. They do recommend creating a system symlink (/usr/local/bin) and suggest disabling native web_fetch/web_search in OpenClaw config to force use of safe-web — these are user-facing operational changes (not automatically performed) and are reasonable for a drop-in replacement but worth reviewing before applying. The pre-scan flag ('ignore-previous-instructions') appears in the docs as an example of an attack pattern, not as an instruction to the agent.
Install Mechanism
Install uses pip to install standard packages and an editable install of a local PromptGuard workspace. This is a common approach for Python-based tools, but pip installs (and the SKILL.md's use of --break-system-packages) can modify system Python state — consider using a virtualenv or container to avoid impacting the host environment. No arbitrary remote download or obfuscated installer was observed.
Credentials
Only one optional environment variable (BRAVE_API_KEY) is referenced and justified for search functionality. The code does not request other secrets or config paths. skill.json declares python3 and dependency on prompt-guard, which are appropriate.
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or agent configuration automatically. It recommends (but does not force) disabling native tools and creating a symlink; those are user actions and not implicit privileges.
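How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install safe-web
  3. Once installed, call the Skill by name or trigger it with /safe-web
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history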
v1.0.8
Remove release.sh - now in workspace scripts folder
v1.0.7
Fix release.sh to work from temp directory and avoid workspace pollution
v1.0.6
Add release.sh script to prevent workspace pollution
v1.0.5
Add README with usage instructions and tool disable guide
v1.0.4
safe-web 1.0.4
- Added link to the PromptGuard repository for clearer installation instructions and dependency references.
- Updated dependency section to clarify that PromptGuard should be installed in the workspace.
- Minor documentation improvements for readability; no functional or API changes.
v1.0.3
Fix: rename script to .py extension to ensure proper inclusion in publish
v1.0.2
Fix: ensure scripts folder is included in publish
v1.0.1
Updated documentation: replaced alias with symlink instructions for system-wide access
v1.0.0
Initial release: secure web fetch and search with PromptGuard scanning
Metadata
Slug safe-web
Version 1.0.8
License
Total installs 0
Current installs 0
Number of versions 9
FAQ

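What is Safe-Web?

Securely fetch and search web content by scanning and blocking prompt injection threats using PromptGuard before returning results. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1491 total downloads to date.

How do I install Safe-Web?

Run the command "/install safe-web" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is required.

Is Safe-Web free?

Yes, Safe-Web is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Safe-Web support?

Safe-Web runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Safe-Web?

Developed and maintained by AdamNaghs (@adamnaghs); the current version is v1.0.8.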
