Skill v1.0.0
ClawScan security
tra-extract-text · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 15, 2026, 12:01 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions and requirements are internally consistent: it is an instruction-only wrapper that tells the agent to install and use the trafilatura CLI to extract text from web pages.
- Guidance: This skill is coherent and simply documents how to install and use the trafilatura CLI. Before installing, consider: (1) 'pip install trafilatura' will fetch code from PyPI, so verify the package's reputation and optionally pin a specific version; (2) there is no homepage/source repo listed in the skill metadata, so if you care about provenance, check PyPI and the project's source to confirm authenticity; (3) run the tool in a sandboxed environment if you are concerned about executing third-party code; (4) be cautious when extracting content from internal or sensitive URLs (this can expose internal data to the agent environment); and (5) ensure you respect site terms/robots and copyright when scraping. If you want stricter controls, add an explicit install spec (trusted package source and pinned version) or pre-install trafilatura in a controlled environment rather than letting the agent run pip at runtime.
Review Dimensions
- Purpose & Capability (ok): Name/description (extract web page text/markdown/HTML/JSON/XML) match the SKILL.md, which documents using the trafilatura CLI and its options. There are no unrelated credentials, binaries, or config paths requested.
- Instruction Scope (ok): Runtime instructions are narrowly scoped to installing trafilatura and running the trafilatura CLI against user-provided URLs; they do not ask the agent to read unrelated files, environment variables, or to transmit results to any unexpected external endpoint.
- Install Mechanism (note): There is no formal install spec, but SKILL.md instructs running 'pip install trafilatura' (PyPI). This is expected for a Python CLI tool but means the agent or user will download code from PyPI at install time, which is a moderate, expected risk. The skill does not pin a version or point to an authoritative homepage/source repo.
- Credentials (ok): The skill requests no environment variables, secrets, or config paths. That is proportionate to its stated purpose.
- Persistence & Privilege (ok): The skill is instruction-only, not always-enabled, and does not request system-wide changes or persistent privileges. Autonomous invocation is permitted (platform default) but not combined with other concerning privileges.
