Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Defuddle
v1.0.0
Extract main webpage content using the Defuddle library and convert it to Markdown, supporting CLI and Node.js for web scraping and text processing tasks.
by Honcy Ye (@yeholdon)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (medium confidence)

Purpose & Capability
The SKILL.md and scripts clearly require Node.js/npm and the 'defuddle' npm package (and use npx). However, the registry metadata lists no required binaries or environment variables, a mismatch. One bundled script calls a hardcoded path (/Users/honcy/.openclaw/skills/WeChat-Send/scripts/wechat_send.sh) that targets another skill at a user-specific location; that path is not declared and is unlikely to exist for other users.
Instruction Scope
Instructions and scripts operate on arbitrary URLs and then transmit the extracted content to external messaging endpoints (WeChat via a local script path and Telegram via openclaw message send). Transmitting arbitrary scraped content is consistent with the advertised 'send' scripts, but it is an exfiltration vector, and the WeChat script reference expands scope to other local skill files. The SKILL.md and scripts do not declare or limit what user files or environment will be read beyond fetching URLs, but they do rely on the openclaw CLI and npx behavior.
Install Mechanism
There is no formal install spec (instruction-only), which limits the on-disk installation risk posed by this bundle. However, SKILL.md and the scripts rely on 'npx defuddle' and suggest 'npm install -g defuddle', which means the runtime will fetch and execute code from the npm registry (npx executes remote packages), a supply-chain/execution vector to be aware of.
Credentials
The registry lists no required environment variables or credentials, which is consistent with the included files. But the scripts assume the availability of other platform credentials/agents: openclaw message send (Telegram) and a local WeChat helper script (which likely depends on credentials/config stored elsewhere). Those credentials are not declared by the skill and may be used implicitly when the scripts run.
Persistence & Privilege
The 'always' flag is false and no install-time persistence is requested. The skill can be invoked by the agent (normal), and its scripts can send messages autonomously if run, so users should be aware of the ability to transmit extracted content; there is no elevated 'always' privilege or hidden persistence in the bundle.
What to consider before installing
This skill's core feature (extract webpage content and convert it to Markdown) is coherent, but review and proceed cautiously:
1) Inspect or remove the send scripts before use; they transmit scraped content to WeChat/Telegram.
2) The WeChat helper is a hardcoded path under /Users/honcy/... which will fail on your system and could reference another skill you don't control; do not run it without validating that script.
3) npx will fetch and execute the 'defuddle' package from npm at runtime; verify the npm package's source and reputation before running.
4) If you only want extraction, run the extraction commands in a controlled environment and avoid executing the send scripts until you have confirmed destinations and credentials.
5) If you need this skill, consider forking and cleaning the scripts to remove hardcoded paths and to require explicit consent and targets before sending data.
