Skill v0.1.0

ClawScan security

Baoyu Url To Markdown · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 19, 2026, 8:18 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, runtime instructions, and required resources are consistent with a webpage-to-markdown archiver that uses Chrome CDP and optional remote fallback; nothing in the provided files indicates covert or unrelated capabilities.
Guidance
This skill will execute the included TypeScript code locally, launch or attach to a Chrome instance, fetch arbitrary URLs, optionally download linked media, and write markdown and HTML snapshot files to your filesystem (project dirs or ~/.baoyu-skills). It will fall back to the public defuddle.md service if local capture fails, which exposes the requested URL to that service. Before installing or running: (1) review the included scripts if you don't trust them; (2) be aware it will create EXTEND.md in your project or home and will download media into imgs/ or videos/ subfolders; (3) run it in a sandbox or with a dedicated Chrome profile if you want to avoid attaching to your personal browser; (4) ensure you want URLs you request to potentially be sent to defuddle.md on failure. Note: SKILL.md requires the agent to prompt the user (AskUserQuestion) before creating EXTEND.md — that flow depends on the agent following SKILL.md (the code does not itself enforce the interactive block).

Review Dimensions

Purpose & Capability
ok
Name/description (URL → markdown via Chrome CDP) aligns with the included TypeScript scripts. Required runtime helpers (bun or npx) are plausible for running the scripts. The code legitimately needs to launch/attach to Chrome, read/write EXTEND.md and output files, fetch external resources, and optionally call defuddle.md — all coherent with an archiver/conversion tool.
Instruction Scope
note
SKILL.md correctly instructs the agent to locate the scripts, prefer bun/npx, and to prompt the user for preferences before creating EXTEND.md. The code itself performs file I/O (reading/writing EXTEND.md, writing markdown and captured HTML, downloading media) and network I/O (fetching pages/media and defuddle.md). These actions are within the stated purpose. One mismatch: SKILL.md mandates a blocking AskUserQuestion flow on first run, but the provided main.ts does not itself enforce that flow — it relies on the agent to follow SKILL.md. Agents must therefore obey the SKILL.md requirement to avoid silently creating EXTEND.md.
Install Mechanism
ok
There is no install spec (instruction-only install), which means nothing will be automatically downloaded by the registry. The package includes source files and an internal vendor folder for baoyu-chrome-cdp; no external arbitrary URLs or archive downloads are present in the manifest. Expect runtime dependency resolution (bun/npx) when executing the scripts.
Credentials
note
The skill declares no required env vars but the code tolerates and uses common environment variables (HOME, XDG_CONFIG_HOME) and optionally URL_CHROME_PATH to override the Chrome path. Those are reasonable for locating profile/config and Chrome. The skill will read/write EXTEND.md in project or user config locations and will create output directories — behavior consistent with its purpose but worth noting because it writes into the user's filesystem. No unrelated credentials or secrets are requested.
Persistence & Privilege
ok
always is false and the skill is user-invocable; it does not request permanent inclusion or modify other skills. It writes its own config (EXTEND.md) and output files, and may launch or kill Chrome instances — this is appropriate for a browser-capture utility. Autonomous invocation is allowed (platform default) but does not combine with other red flags here.