Web Content Fetcher (WeChat images fix)
Security checks across malware telemetry and agentic risk
Overview
This is a coherent web article extraction skill; its notable risks are disclosed and purpose-aligned, mainly arbitrary URL fetching, headless browser use, third-party Jina fallback, and unpinned Python dependencies.
This skill appears safe to install if you are comfortable with a web-scraping helper that installs Python dependencies and fetches arbitrary URLs. Use a virtual environment, avoid private or internal URLs unless intentional, and be aware that stealth mode runs page JavaScript and the Jina fallback shares the URL with an external service.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may make requests from the user’s environment to whatever URL is provided.
The skill tells the agent to run a local helper with a user-supplied URL, enabling arbitrary web requests. This is central to the skill's purpose and is disclosed, but it is still a broad network capability.
python3 <SKILL_DIR>/scripts/fetch.py "<url>" [max_chars] [--stealth]
Use it only for URLs you intend to fetch, avoid private/internal/signed URLs unless intentional, and keep URL arguments safely quoted.
A fetched page may run JavaScript during extraction, which can consume resources or interact with the target site as a browser visit.
Stealth mode runs target-page JavaScript in a headless browser. The artifact clearly discloses this and it is purpose-aligned for JS-rendered pages, but it means untrusted page code can execute in the browser automation context.
Headless browser fetch — executes JavaScript, bypasses anti-scraping... page = StealthyFetcher().fetch(url, headless=True, network_idle=True, timeout=timeout)
Prefer normal fast mode when possible and use stealth mode only for sites that require JavaScript rendering.
Installing latest unpinned packages can pull changed or compromised dependency versions, and system-level installs can affect other Python tools.
The install instructions use unpinned PyPI packages and mention an option that can alter a system-managed Python environment. This is disclosed setup behavior, but it carries normal dependency/provenance risk.
pip install scrapling html2text ... add `--break-system-packages` or use a venv
Install in a virtual environment and consider pinning dependency versions before use.
The URL being read may be shared with a third-party reader service if the fallback is used.
The documented fallback sends the target URL through Jina Reader, a third-party service. This is disclosed and purpose-aligned, but private or signed URLs could be exposed to that provider.
web_fetch("https://r.jina.ai/<url>")
Use the local Scrapling path for private links, or confirm before using the Jina Reader fallback.
