Web Markdown Navigator

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: web-markdown-navigator
Version: 0.1.0

The 'web-markdown-navigator' skill is designed to fetch web pages and convert their content to clean markdown. The core script, `scripts/fetch-markdown.mjs`, implements robust security measures, including comprehensive Server-Side Request Forgery (SSRF) protection by blocking private/local IP addresses and `localhost` for both initial and redirected URLs. It strictly enforces `http:` and `https:` protocols, limits response size, and uses well-established libraries (JSDOM, Readability, TurndownService) for safe HTML parsing and markdown conversion without executing fetched content. There is no evidence of intentional data exfiltration, unauthorized command execution, persistence mechanisms, or prompt injection attempts against the agent. The skill's behavior is entirely aligned with its stated purpose and demonstrates strong defensive programming practices.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the skill lets the agent contact websites you ask it to read and return their content as markdown.

Why it was flagged

The helper fetches and follows redirects for a caller-supplied http/https URL. This is central to the skill's purpose and includes safety checks, but it is still arbitrary web access.

Skill content

const res = await fetch(u, { signal: ac.signal, redirect: "follow", ... });

Recommendation

Use it for URLs you intend to fetch, and avoid letting untrusted page text persuade the agent to browse additional sensitive or internal URLs.

What this means

A malicious webpage could include text that tries to manipulate the agent if the agent treats page content as instructions instead of data.

Why it was flagged

The skill imports webpage text into the agent's context. Webpages can contain adversarial instructions even though this artifact does not tell the agent to obey them.

Skill content

Use this skill for deterministic URL  markdown extraction.

Recommendation

Treat fetched markdown as quoted source material and follow the user's request, not instructions embedded in the webpage.

What this means

The skill may be less portable, and users should confirm which script is actually being run.

Why it was flagged

The quick-start command uses a hard-coded local path. If followed literally on another machine, it may fail or run a different local copy rather than the installed artifact.

Skill content

cd /Users/pedrogonzalez/clawd/skills/web-markdown-navigator/scripts

Recommendation

Run the included scripts/fetch-markdown.mjs from the installed skill directory and install dependencies from the included package files if needed.