Back to skill
Skillv1.0.0
ClawScan security
Web fetch markdown of page · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 10, 2026, 3:37 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, requirements, and scope match its stated purpose (fetch reduced markdown via jina.ai); it is an instruction-only skill with no extra env or install requirements.
- Guidance
- This skill is coherent and minimal: it just tells the agent to fetch a jina.ai proxy URL and return markdown. Before installing, consider: (1) privacy — r.jina.ai will receive the original URL and page content, so avoid sending sensitive or private URLs; (2) availability — the skill assumes a 'web_fetch' tool is present in the agent environment; if your agent cannot make outbound HTTP calls or you disallow third-party proxies, this skill won't work or may violate policy; (3) content safety — fetched pages may contain sensitive data or malware-related content; validate or sanitize as needed. No credentials or installs are required.
Review Dimensions
- Purpose & Capability
- okName/description claim: fetch reduced markdown via jina.ai. SKILL.md instructs exactly to construct https://r.jina.ai/<original-url> and call the web_fetch tool. Nothing requested is unrelated to that purpose.
- Instruction Scope
- noteInstructions are narrowly scoped to building the jina.ai proxy URL and calling a web_fetch tool. Two things to note: (1) SKILL.md assumes a 'web_fetch' tool exists in the agent environment (not declared in the skill); (2) using r.jina.ai sends the fetched URL/content to an external service (privacy/leakage consideration). The skill does not instruct reading any unrelated files or env vars.
- Install Mechanism
- okNo install spec and no code files (instruction-only). This minimizes on-disk risk.
- Credentials
- okNo environment variables, credentials, or config paths are requested. Proportional to the task.
- Persistence & Privilege
- okalways is false and the skill is user-invocable; it does not request persistent or elevated privileges or modify other skills.