URL Fetcher
v1.0.0
Fetch and save web content using only Python stdlib with URL and path validation, basic HTML-to-markdown conversion, and no API keys or external dependencies.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, SKILL.md, and the included script are aligned: the code fetches HTTP/HTTPS pages, can convert basic HTML to markdown, and can write output files. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
SKILL.md claims robust URL and path validation and blocks internal hosts. The script attempts such checks, but they are incomplete: it only blocks a short hostname list (localhost, 127.0.0.1, ::1, 0.0.0.0) and does not detect or block private IP ranges (10/8, 172.16/12, 192.168/16) or domains that resolve to internal addresses — so SSRF / internal scanning risks remain. Path validation allows any path under the user's home directory (Path.home()), relying on substring checks to exclude some dotfiles; substring blocking is brittle and can be bypassed. The skill does not access any other system files/credentials, nor does SKILL.md instruct the agent to do so.
Install Mechanism
No install spec and no external package downloads; the bundle contains a Python script using only the stdlib. This is low-risk versus remote installers or archives.
Credentials
The skill requests no environment variables, credentials, or config paths. The script performs network requests only to user-provided URLs and writes to user-supplied file paths, which is proportional to its purpose.
Persistence & Privilege
The skill is not forced-always, and it does not modify other skills or global agent settings. Autonomous invocation is allowed by default but is not by itself a reason for concern; consider limiting autonomous URL fetching if you plan to enable it.
What to consider before installing
This skill appears to do what it says (fetch pages, basic HTML→MD conversion) and uses only Python stdlib, but its security checks are incomplete. Before installing or enabling autonomous use:
- Review the code yourself (or have a developer do so). Pay attention to the URL validation and path checks.
- Do not allow the agent to fetch arbitrary user-provided URLs without restrictions — the script does not prevent requests to private IP ranges or domains that resolve to internal addresses (SSRF risk).
- Prefer running the script in a sandbox or container and avoid giving it broad autonomous invocation rights for open-ended inputs.
- If you plan to save output files, prefer restricting outputs to a dedicated workspace directory (remove Path.home() from SAFE_PATHS or replace it with a specific workspace path) and implement robust path checks (resolve and ensure the final path is inside an allowlist directory; avoid substring-based blocklists).
- Consider hardening URL checks: resolve hostnames and validate the resulting IP is public; explicitly block 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, link-local and other reserved ranges.
If you cannot review/modify the code, treat this skill as untrusted and run only in an isolated environment. These weaknesses look like sloppy/insufficient validation rather than intentional harm, but they materially increase risk, so exercise caution.
Like a lobster shell, security has layers — review code before you run it.
