openclaw/adamnaghs/safe-web
adamnaghs/safe-web/SKILL.md
# safe-web Secure web fetch and search with **PromptGuard** scanning. ## Status ✅ Working ## Purpose Protects against prompt injection attacks hidden in web content before returning it to the AI. Wraps web fetching and searching with security scanning. ## Installation Requires [PromptGuard](https://clawhub.ai/seojoonkim/prompt-guard) and Python dependencies: ```bash # Install PromptGuard first cd /home/linuxbrew/.openclaw/workspace/skills/prompt-guard pip3 install --break-system-packages
$ install --global
skillsauthnpx skillsauth add openclaw/skills adamnaghs/safe-webInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 3, 2026, 8:36 AM41.0s1 file scanned
SKILL.md
safe-web
Secure web fetch and search with PromptGuard scanning.
Status
✅ Working
Purpose
Protects against prompt injection attacks hidden in web content before returning it to the AI. Wraps web fetching and searching with security scanning.
Installation
Requires PromptGuard and Python dependencies:
# Install PromptGuard first
cd /home/linuxbrew/.openclaw/workspace/skills/prompt-guard
pip3 install --break-system-packages -e .
# Install web dependencies (if not present)
pip3 install --break-system-packages requests beautifulsoup4
Usage
Fetch Command
Fetch a URL and scan the content:
# Basic fetch
safe-web fetch https://example.com/article
# Save to file
safe-web fetch https://example.com --output article.txt
# JSON output for automation
safe-web fetch https://example.com --json
# Strict mode (block on MEDIUM)
safe-web fetch https://example.com --strict
Search Command
Search the web and scan results:
# Basic search
safe-web search "AI safety research"
# More results
safe-web search "stock market news" --count 10
# JSON output
safe-web search "machine learning" --json
Exit Codes
| Code | Meaning | |------|---------| | 0 | Success - content/results are clean | | 1 | Error (network, parsing, etc.) | | 2 | Threat detected - content blocked |
Configuration
Environment Variables
BRAVE_API_KEY- API key for Brave Search (optional, enables search command)- Get one at: https://brave.com/search/api/
Symlink (Recommended)
Create a system-wide symlink so safe-web works from any directory:
sudo ln -s /home/linuxbrew/.openclaw/workspace/skills/safe-web/scripts/safe-web.py /usr/local/bin/safe-web
After creating the symlink, you can use safe-web directly without specifying the full path.
How It Works
Fetch Flow
- Downloads URL content with requests
- Extracts text using BeautifulSoup (removes scripts, styles)
- Scans extracted text with PromptGuard
- Returns clean content or blocks with SHIELD report
Search Flow
- Queries Brave Search API (requires API key)
- Scans each result title and description
- Filters out suspicious results
- Returns only clean results
Security Model
Fail-closed: If PromptGuard cannot be loaded or scanning fails, the tool reports an error rather than returning unverified content.
Content sanitization: HTML is parsed and scripts/styles are removed before scanning to reduce false positives.
No execution: This tool only fetches and scans. It never executes JavaScript or runs commands found in web content.
Example Output
Clean Fetch
Fetching: https://site.com/article
Fetched 1523 characters
Scanning with PromptGuard...
Article content here...
Blocked Content
Fetching: https://suspicious-site.com
Fetched 2048 characters
Scanning with PromptGuard...
============================================================
🛡️ SAFE-WEB SECURITY ALERT
============================================================
Source: https://suspicious-site.com
Severity: CRITICAL
Action: BLOCK_NOTIFY
Patterns Matched: 8
Detected Patterns:
- instruction_override_en
- role_manipulation_en
- system_impersonation_en
============================================================
Content from https://suspicious-site.com has been blocked.
Search Results
Searching: AI research
Found 5 results, scanning...
Showing 3 clean results:
1. Latest AI Research Papers
URL: https://arxiv.org/list/ai/recent
Recent submissions in artificial intelligence...
2. AI Safety Institute
URL: https://www.safe.ai/
Research and development for safe AI systems...
When to Use
Use safe-web when:
- Fetching content from untrusted URLs
- Scraping web pages for analysis
- Searching and processing web results
- Any web content will enter the AI context window
Use standard web_fetch/web_search tools only for:
- Trusted, known-safe domains
- Internal documentation sites
- When you explicitly want to bypass scanning
Comparison with Native Tools
| Feature | Native web_fetch | safe-web fetch |
|---------|-------------------|------------------|
| Fetches HTML | ✅ | ✅ |
| Extracts text | ✅ | ✅ |
| Injection scanning | ❌ | ✅ |
| JSON output | ✅ | ✅ |
| Save to file | ❌ | ✅ |
| Exit codes | 0/1 | 0/1/2 (security) |
Dependencies
- Python 3.8+
- PromptGuard 3.1.0+ (installed in workspace)
- requests
- beautifulsoup4
- Brave Search API key (for search command)
Limitations
- Search requires Brave API key (free tier available)
- Fetch does not execute JavaScript (static HTML only)
- Large pages may be truncated during text extraction
- Network timeouts default to 30 seconds
Related Skills
openclaw/mcdonalds-skill
tools
VerifiedTrustedCommunity
Use when the user wants to connect to, test, or use the McDonalds service at mcp.mcd.cn, including checking authentication, probing MCP endpoints, listing tools, or calling McDonalds MCP tools through a reusable local CLI.
3,962SKILL.mdUpdated Apr 10, 2026
openclaw/scrapebadger
development
VerifiedTrustedCommunity
Web scraping platform — Twitter/X data, Vinted marketplace, and general web scraping API
3,962SKILL.mdUpdated Apr 10, 2026
openclaw/slowmist-security-cc
development
VerifiedTrustedCommunity
SlowMist AI Agent Security Review — comprehensive security framework for skills, repositories, URLs, on-chain addresses, and products (Claude Code version)
3,962SKILL.mdUpdated Apr 10, 2026
openclaw/humanizer-cn
data-ai
VerifiedTrustedCommunity
去除中文文本中的 AI 写作痕迹,使其读起来自然。基于维基百科 AI 写作特征指南,检测 24 种 AI 模式。触发词:humanizer-cn、去除 AI 痕迹、去除 AI 写作痕迹、中文文本人性化。
3,962SKILL.mdUpdated Apr 10, 2026