Safe Web
Skill by adamnaghs
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/adamnaghs/safe-webWhat This Skill Does
Safe Web is a specialized security-focused retrieval tool designed for OpenClaw AI agents. It acts as a hardened gateway between the open internet and your AI environment. By integrating PromptGuard, the skill performs deep-content inspection on every web page fetched or search result returned. It strips away volatile elements like CSS and JavaScript, leaving behind pure text that is then analyzed for prompt injection patterns. If a site attempts to manipulate the AI, the tool triggers a security lockout, ensuring your session integrity is never compromised.
Installation
Installation requires a two-stage process. First, ensure PromptGuard is correctly configured in your workspace by navigating to its directory and running pip3 install --break-system-packages -e .. Next, install the web-specific dependencies including requests and beautifulsoup4. It is highly recommended to create a symbolic link for the safe-web.py script in /usr/local/bin/ to enable global execution. If you require search functionality, ensure your BRAVE_API_KEY is exported in your environment variables, as the tool relies on the Brave Search API to aggregate secure web results.
Use Cases
Safe Web is ideal for users performing OSINT (Open Source Intelligence), automated market research, or data gathering on potentially untrusted or unverified web sources. It excels in scenarios where the AI is tasked with summarizing articles, extracting product specifications, or scanning news feeds where "prompt injection" or "indirect prompt injection" risks are elevated. Developers building autonomous agents can use this tool to prevent malicious actors from hijacking their agents via web-hosted text.
Example Prompts
- "Safe-web, search for the latest updates on global energy policy and provide a bulleted summary of findings from trusted sources."
- "Fetch the content from https://tech-blog.com/security-trends and tell me if there are any critical vulnerabilities mentioned without exposing me to injection threats."
- "Perform a secure search for 'AI development frameworks' with a result limit of 5 and output the data in JSON format for my report generator."
Tips & Limitations
To maximize effectiveness, always use the --strict flag when dealing with high-risk websites to ensure the highest PromptGuard sensitivity. Note that because this tool performs an explicit scan, fetching very large pages might take longer than standard tools. Currently, the tool does not execute JavaScript, which makes it incredibly safe but also means it cannot parse content from dynamic single-page applications (SPAs) that require browser rendering to display data. Always keep your PromptGuard dependency updated to ensure the scan library recognizes the newest injection vectors.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-adamnaghs-safe-web": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, file-write, file-read, external-api
Related Skills
options-spread-conviction-engine
Multi-regime options spread analysis engine with quantitative rigor. Features regime detection (VIX-based), GARCH volatility forecasting, drawdown-constrained Kelly position sizing, and walk-forward backtesting. Scores vertical spreads (bull put, bear call, bull call, bear put) and multi-leg strategies (iron condors, butterflies, calendar spreads) using Ichimoku, RSI, MACD, Bollinger Bands, and IV term structure analysis.
lsp
Multi-language code navigation via persistent LSP daemons. Supports Python (pyright), TypeScript/JS, Rust, Go, C/C++, Bash, Java, CSS, HTML, JSON. Auto-detects language from file extension and lazy-starts the appropriate server. Use instead of grep for definitions, references, hover, symbols, and diagnostics.