Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Baoyu Url To Markdown
v1.82.2Fetch any URL and convert to markdown using baoyu-fetch CLI (Chrome CDP with site-specific adapters). Built-in adapters for X/Twitter, YouTube transcripts, H...
⭐ 0· 1.1k·48 current·49 all-time
byJim Liu 宝玉@jimliu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (URL → Markdown via baoyu-fetch) aligns with the included source and the declared runtime needs (bun or npx to run TypeScript source). The vendored CLI provides expected features (CDP, adapters for X/YouTube/HN, media download). One minor mismatch: the README/CLI expects a Chrome/Chromium runtime but the skill's declared required binaries only mention bun/npx (Chrome is a runtime dependency but not listed as a required binary).
Instruction Scope
SKILL.md instructs the agent to run the vendored CLI source in scripts/vendor/baoyu-fetch/src/cli.ts and to perform a blocking first-time setup by prompting the user (AskUserQuestion) before creating EXTEND.md. The instructions read EXTEND.md from project or user config paths and may write EXTEND.md and output files (markdown, media, debug artifacts). This is within the expected scope but grants the skill permission to read/write config in $HOME/.baoyu-skills and project dirs and to run arbitrary vendored code — review the vendored source if you are concerned about side effects.
Install Mechanism
There is no external install spec; the CLI source is vendored in the skill and executed directly with Bun or npx-bun. This avoids downloading remote archives at install time (lower install risk) but does mean the agent will execute the bundled TypeScript at runtime. The repository files are present in the skill bundle, so you can audit them locally before running.
Credentials
The skill does not request environment variables or cloud credentials, which is proportionate. However, the CLI uses Chrome CDP and supports Chrome profile persistence and cookie export/restore for adapters (notably the X adapter). If you connect to an existing Chrome instance or permit profile reuse, the tool can access browsing cookies and session state for sites like x.com/twitter.com; this is necessary to fetch authenticated content but is sensitive. The SKILL.md does not require you to provide a profile, but the capability exists — treat profile/ CDP options as sensitive.
Persistence & Privilege
always: false and the skill does not request elevated platform privileges. It will create EXTEND.md (user- or project-scoped) and may create a chrome-profile directory or download media/debug artifacts to output directories. These are normal, scoped persistence behaviors for a page-capture tool.
Assessment
This skill appears to do what it claims: run the vendored baoyu-fetch CLI (via bun/npx) to render pages and convert them to Markdown. Before installing or running it, consider: 1) Audit the bundled source (scripts/vendor/baoyu-fetch/) if you want to confirm there are no unexpected network endpoints or side effects—source is included so this is possible. 2) Expect the skill to read/write EXTEND.md in your project or ~/.baoyu-skills/ and to create output files and media directories; the SKILL.md explicitly requires asking the user before creating EXTEND.md. 3) Be cautious about allowing the tool to reuse an existing Chrome profile or connect to an existing CDP endpoint: doing so can expose stored cookies and authenticated sessions (the X adapter contains cookie export/restore logic). If you do not want session access, avoid supplying an existing profile/--cdp-url and prefer a headless temporary browser. 4) If you run in an environment where you cannot or will not audit the code, run the skill in a sandboxed environment or ephemeral container so its file writes and browser interactions are isolated.scripts/vendor/baoyu-fetch/src/browser/profile.ts:83
Shell command execution detected (child_process).
scripts/vendor/baoyu-fetch/src/browser/profile.ts:29
Environment variable access combined with network send.
scripts/vendor/baoyu-fetch/src/browser/profile.ts:149
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk97f5c5fgy9jdtwzcbqp3741wd84gkda
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Any binbun, npx