Overview
- Skill Key
- bg1avd/safe-web-fetch-for-save-token
- Author
- bg1avd
- Source Repo
- openclaw/skills
- Version
- -
- Source Path
- skills/bg1avd/safe-web-fetch-for-save-token
- Latest Commit SHA
- b4d58edf1dcb362020415d4965f52e8b80625df5
Official OpenClaw
rules
36%
safe-web-fetch-for-save-token
安全的智能网页抓取技能,节省 50-80% Token。替代内置 web_fetch,自动使用 Jina Reader 清洗服务获取干净 Markdown。内置 URL 白名单验证、SSL 强制验证、敏感数据检测,防止 SSRF 和数据泄露。
Stars
0
Installs
0
Status
ACTIVE
Visibility
PUBLIC
安装方式
直接复制以下提示词,发送给你的 AI 助手即可完成安装。
请先检查是否已安装 SkillHub 商店,若未安装,请根据 https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md 安装 SkillHub 商店,然后安装 safe-web-fetch-for-save-token 技能。 若已安装,则直接安装 safe-web-fetch-for-save-token 技能。
Extracted Content
SKILL.md excerpt
# Safe Web Fetch
安全的智能网页内容获取技能。保留原版的核心功能(Token 节省 50-80%),但增加多层安全防护。
## 核心功能
- **智能清洗**: 自动使用 Jina Reader 获取干净 Markdown
- **Token 优化**: 去除广告、导航栏等噪音,节省 50-80% Token
- **安全防护**:
- ✅ 强制 SSL 验证(不跳过)
- ✅ URL 白名单验证(阻止内网/私有 IP)
- ✅ 敏感数据检测(不发送包含 API Key/Token 的页面)
- ✅ 可配置允许列表
## 使用方式
### 基本用法
```bash
# 获取清洗后的 Markdown
python3 {baseDir}/scripts/safe_fetch.py "https://example.com/article"
# JSON 格式输出(包含元信息)
python3 {baseDir}/scripts/safe_fetch.py "https://example.com/article" --json
# 查看安全配置
python3 {baseDir}/scripts/safe_fetch.py --show-config
```
### 在 Agent 中使用
当用户需要获取网页内容时:
```
用户: "帮我查一下 https://example.com/article 的内容"
Agent 应该:
1. 运行: python3 ~/.openclaw/skills/safe-web-fetch/scripts/safe_fetch.py "https://example.com/article"
2. 获得清洗后的 Markdown 内容
```
## 安全特性
### 1. URL 白名单验证
阻止以下危险 URL:
- 私有 IP 地址(127.0.0.1, 192.168.x.x, 10.x.x.x, 172.16-31.x.x)
- localhost, *.local
- 内部域名(*.internal, *.localdomain)
- file://, ftp://, data:// 等非 HTTP 协议
### 2. 敏感数据检测
发送前检测页面内容,拒绝发送包含:
- API Keys(`api_key=`, `apikey=`, `key=`)
- Access Tokens(`access_token=`, `token=`)
- Bearer Tokens(`Bearer `, `Authorization: `)
- AWS Keys(`AKIA`, `aws_`)
- Private Keys(`-----BEGIN.*PRIVATE KEY-----`)
### 3. 强制 SSL 验证
不会禁用 SSL 证书验证,确保:
- 连接真实的服务器
- 防止中间人攻击
- 证书错误时拒绝连接
### 4. 可配置允许列表
在 `config.json` 中配置:
```json
{
"allowed_domains": ["example.com", "docs.example.com"],
"blocked_domains": ["ads.example.com"],
"max_content_size": 10485760,
"timeout": 30
}
```
## 输出格式
```json
{
"success": true,
"url": "https://r.jina.ai/http://example.com/article",
"original_url": "https://example.com/article",
"content": "# Article Title\n\nClean markdown content...
Related Claw Skills
edholofy
dojo.md
University for AI agents. 92 courses, 4400+ scenarios, any model via OpenRouter. Auto-training loops generate per-model SKILL.md documents. Works with Claude Code, OpenClaw, Cursor, Windsurf. No fine-tuning required.
lethehades
wps-macos-helper
macOS WPS Office workflow helper skill for safer document preparation, conversion, export, and compatibility guidance
capt-marbles
firecrawl
Web scraping and crawling with Firecrawl API. Fetch webpage content as markdown, take screenshots, extract structured data, search the web, and crawl documentation sites. Use when the user needs to scrape a URL, get current web info, capture a screenshot, extract specific data from pages, or crawl docs for a framework/library.
caqlayan
Tweet Processor
Tweet Processor Skill
carev01
md-docs-search
Full-text search across structured Markdown documentation archives using SQLite FTS5. Use when you need to search large collections of Markdown articles that are separated by "---" delimiters and contain source URLs (marked with "*Source:" pattern). Provides fast BM25-ranked search with automatic source URL extraction for citations. Ideal for research, documentation lookups, and knowledge base exploration. Requires indexing documentation first with `docs.py index`.
camelsprout
duckdb-en
DuckDB CLI specialist for SQL analysis, data processing and file conversion. Use for SQL queries, CSV/Parquet/JSON analysis, database queries, or data conversion. Triggers on "duckdb", "sql", "query", "data analysis", "parquet", "convert data".