ClawHub

Web Crawling API

v1.0.0

Fetch raw HTML, rendered HTML, or clean Markdown from public webpages through Just Serp API.

0· 12·0 current·0 all-time
by@justserpapi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (web crawling via Just Serp) align with the required pieces: node runtime, a single API key JUST_SERP_API_KEY, and a small CLI wrapper (bin/run.mjs) that calls api.justserpapi.com endpoints. There are no unrelated credentials, binaries, or config paths.
Instruction Scope
SKILL.md instructs the agent to call the included CLI with --operation, --api-key, and --params-json (url). The instructions limit actions to the three GET operations (html, renderedHtml, markdown) and explicitly require asking the user for missing parameters. The CLI code only constructs the request to the declared Just Serp endpoints and prints the JSON response; it does not read other files or environment variables.
Install Mechanism
There is no install spec (instruction-only skill with a bundled Node script). No remote downloads or archive extraction are performed. The only runtime requirement is the node binary, which is reasonable for the JS CLI provided.
Credentials
Only one environment credential is required (JUST_SERP_API_KEY) and the code uses that key only to set the X-API-Key header when calling Just Serp API. The requested secret is proportionate to a remote API client.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system configuration, and has no install-time persistence. Autonomous invocation is allowed (platform default) but that is expected for skills and is not combined with other concerning privileges.
Assessment
This skill behaves like a thin client for the Just Serp API: installing/using it will cause your JUST_SERP_API_KEY to be sent to api.justserpapi.com in the X-API-Key header. Only install if you trust Just Serp and are comfortable that the key grants the appropriate (and minimal) access. Avoid passing internal or private URLs to the service, since the skill uploads the target URL and receives page content back. If you need stricter controls, consider using a service account with limited credits/quotas, rotate the key periodically, and monitor usage in the Just Serp dashboard.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b01sc3cxn0vebsbmp0ta3n98499nn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsnode
EnvJUST_SERP_API_KEY
Primary envJUST_SERP_API_KEY

Comments