zt-web-fetcher
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent web-fetching skill, but it routes URLs through third-party conversion services and optionally suggests installing an external crawler package.
This skill appears safe for fetching public webpages. Before using it, avoid giving it private or token-bearing URLs, and approve any optional Scrapling installation only after verifying the package.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private, tokenized, or otherwise sensitive URLs could be exposed to the chosen conversion service.
The workflow sends user-supplied URLs to third-party URL-to-Markdown services. This is purpose-aligned for web fetching, but it creates an external data boundary for the URL and potentially page content.
使用 URL 转 Markdown 服务将网页转换为可读文本 ... `https://r.jina.ai/{url}` ... `https://markdown.new/{url}` ... `https://defuddle.md/{url}`Use this skill mainly for public webpages, and avoid submitting links that contain access tokens, private document URLs, or confidential query parameters.
Installing the fallback package would add third-party code to the user's environment.
The fallback path suggests installing an external package that is not included, pinned, or otherwise specified in the install metadata. This is a purpose-aligned crawler fallback, but users should approve and verify it.
如果以上服务都无法获取,尝试 Scrapling ... 地址:https://github.com/D4Vinci/Scrapling ... 用法:`pip install scrapling` 后使用
Only install Scrapling if needed, preferably in an isolated environment, and verify the package source/version before installation.