Overview
- Skill Key: adamnaghs/safe-web
- Author: adamnaghs
- Source Repo: openclaw/skills
- Version: -
- Source Path: skills/adamnaghs/safe-web
- Latest Commit SHA: 6a25520372cbba814d08d3a78c109b4e2d384b81
- Stars: 0
- Installs: 0
- Status: ACTIVE
- Visibility: PUBLIC
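Copy the prompt below and send it to your AI assistant to complete the installation.
First check whether the SkillHub store is installed. If it is not, install the SkillHub store by following https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md, then install the Safe Web skill. If it is already installed, install the Safe Web skill directly.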
# safe-web
Secure web fetch and search with **PromptGuard** scanning.
## Status
✅ Working
## Purpose
Protects against prompt injection attacks hidden in web content before returning it to the AI. Wraps web fetching and searching with security scanning.
## Installation
Requires [PromptGuard](https://clawhub.ai/seojoonkim/prompt-guard) and Python dependencies:
```bash
# Install PromptGuard first
cd /home/linuxbrew/.openclaw/workspace/skills/prompt-guard
pip3 install --break-system-packages -e .
# Install web dependencies (if not present)
pip3 install --break-system-packages requests beautifulsoup4
```
## Usage
### Fetch Command
Fetch a URL and scan the content:
```bash
# Basic fetch
safe-web fetch https://example.com/article
# Save to file
safe-web fetch https://example.com --output article.txt
# JSON output for automation
safe-web fetch https://example.com --json
# Strict mode (block on MEDIUM)
safe-web fetch https://example.com --strict
```
### Search Command
Search the web and scan results:
```bash
# Basic search
safe-web search "AI safety research"
# More results
safe-web search "stock market news" --count 10
# JSON output
safe-web search "machine learning" --json
```
## Exit Codes
| Code | Meaning |
|------|---------|
| 0 | Success - content/results are clean |
| 1 | Error (network, parsing, etc.) |
| 2 | Threat detected - content blocked |
## Configuration
### Environment Variables
- `BRAVE_API_KEY` - API key for Brave Search (optional, enables search command)
  - Get one at: https://brave.com/search/api/
### Symlink (Recommended)
Create a system-wide symlink so `safe-web` works from any directory:
```bash
sudo ln -s /home/linuxbrew/.openclaw/workspace/skills/safe-web/scripts/safe-web.py /usr/local/bin/safe-web
```
After creating the symlink, you can use `safe-web` directly without specifying the full path.
## How It Works
### Fetch Flow
1. Downloads URL content with requests
2. Extracts text using BeautifulSoup (removes scripts,...
# Safe-Web
A secure, drop-in replacement for OpenClaw's native `web_fetch` and `web_search` tools with built-in prompt injection protection.
## What It Does
Safe-web wraps all web operations with **PromptGuard** scanning to detect and block prompt injection attacks hidden in web content, emails, PDFs, and documents before they reach the AI.
## Why Use This?
By default, OpenClaw's native `web_fetch` and `web_search` tools fetch content directly without security scanning. Safe-web provides the same functionality but adds a critical security layer that scans all content for:
- Instruction override attempts ("ignore previous instructions")
- Role manipulation attacks ("you are now DAN")
- System impersonation patterns
- Hidden malicious payloads in web pages
## Installation
### 1. Install Dependencies
```bash
# Install PromptGuard first
cd /home/linuxbrew/.openclaw/workspace/skills/prompt-guard
pip3 install --break-system-packages -e .
# Install web dependencies
pip3 install --break-system-packages requests beautifulsoup4
```
### 2. Create Symlink (Optional but Recommended)
```bash
sudo ln -s /home/linuxbrew/.openclaw/workspace/skills/safe-web/scripts/safe-web.py /usr/local/bin/safe-web
```
### 3. Configure Brave API Key (for search)
Get a free API key at https://brave.com/search/api/ and set it:
```bash
export BRAVE_API_KEY="your-key-here"
```
## Usage
Safe-web is designed as a drop-in replacement. Use it anywhere you would use the native tools:
```bash
# Instead of web_fetch
safe-web fetch https://example.com/article
# Instead of web_search
safe-web search "AI safety research"
```
See [SKILL.md](SKILL.md) for full documentation and examples.
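A fail-closed wrapper built on the exit codes documented in SKILL.md (0 clean, 1 error, 2 threat detected), as an added example that is not part of safe-web itself. The names `guarded_fetch` and `SAFE_WEB_BIN` are hypothetical, and it assumes `--strict` and `--output` can be combined in one call.

```shell
#!/usr/bin/env bash
# Added example: fail-closed wrapper around `safe-web fetch`.
# SAFE_WEB_BIN is a hypothetical override so the scanner path can be pinned.
SAFE_WEB_BIN="${SAFE_WEB_BIN:-safe-web}"

# guarded_fetch URL OUTFILE
# Writes OUTFILE and returns 0 only when safe-web reports clean content.
# Returns 2 when a threat is reported and 1 for every other outcome,
# so an undocumented exit code is never treated as "clean".
guarded_fetch() {
    _url="$1"
    _out="$2"
    if [ -z "$_url" ] || [ -z "$_out" ]; then
        echo "usage: guarded_fetch URL OUTFILE" >&2
        return 1
    fi

    # Fetch into a private temp file so a caller never reads content
    # that has not passed the scan.
    _tmp="$(mktemp)" || return 1

    _rc=0
    "$SAFE_WEB_BIN" fetch "$_url" --strict --output "$_tmp" || _rc=$?

    case "$_rc" in
        0)
            # Clean: publish the scanned content.
            mv "$_tmp" "$_out" || { rm -f "$_tmp"; return 1; }
            return 0
            ;;
        2)
            # Threat detected: discard anything that was written.
            rm -f "$_tmp"
            echo "BLOCKED: threat detected in $_url" >&2
            return 2
            ;;
        *)
            # Network/parsing error or an unknown code: fail closed.
            rm -f "$_tmp"
            echo "ERROR: safe-web exited $_rc for $_url" >&2
            return 1
            ;;
    esac
}
```

Callers should branch on the return value and only pass `OUTFILE` to the model when it is 0.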
## Disabling Native Tools (Recommended)
Once safe-web and PromptGuard are installed and working, you should disable the native `web_fetch` and `web_search` tools in your OpenClaw configuration. This ensures the model **always** uses local prompt injection detection when browsing.
To disable native tools, a...