✓ Verified 💻 Development ✓ Enhanced Data

Safe Web

Secure web fetch and search with **PromptGuard** scanning.

Rating
4.8 (337 reviews)
Downloads
646 downloads
Version
1.0.0

Overview

Secure web fetch and search with **PromptGuard** scanning.

Complete Documentation

View Source →

safe-web

Secure web fetch and search with PromptGuard scanning.

Status

✅ Working

Purpose

Protects against prompt injection attacks hidden in web content before returning it to the AI. Wraps web fetching and searching with security scanning.

Installation

Requires PromptGuard and Python dependencies:

bash
# Install PromptGuard first
cd /home/linuxbrew/.openclaw/workspace/skills/prompt-guard
pip3 install --break-system-packages -e .

# Install web dependencies (if not present)
pip3 install --break-system-packages requests beautifulsoup4

Usage

Fetch Command

Fetch a URL and scan the content:

bash
# Basic fetch
safe-web fetch https://example.com/article

# Save to file
safe-web fetch https://example.com --output article.txt

# JSON output for automation
safe-web fetch https://example.com --json

# Strict mode (block on MEDIUM)
safe-web fetch https://example.com --strict

Search Command

Search the web and scan results:

bash
# Basic search
safe-web search "AI safety research"

# More results
safe-web search "stock market news" --count 10

# JSON output
safe-web search "machine learning" --json

Exit Codes

CodeMeaning
0Success - content/results are clean
1Error (network, parsing, etc.)
2Threat detected - content blocked

Configuration

Environment Variables

  • BRAVE_API_KEY - API key for Brave Search (optional, enables search command)
  • Get one at: https://brave.com/search/api/

Symlink (Recommended)

Create a system-wide symlink so safe-web works from any directory:

bash
sudo ln -s /home/linuxbrew/.openclaw/workspace/skills/safe-web/scripts/safe-web.py /usr/local/bin/safe-web

After creating the symlink, you can use safe-web directly without specifying the full path.

How It Works

Fetch Flow

  • Downloads URL content with requests
  • Extracts text using BeautifulSoup (removes scripts, styles)
  • Scans extracted text with PromptGuard
  • Returns clean content or blocks with SHIELD report

Search Flow

  • Queries Brave Search API (requires API key)
  • Scans each result title and description
  • Filters out suspicious results
  • Returns only clean results

Security Model

Fail-closed: If PromptGuard cannot be loaded or scanning fails, the tool reports an error rather than returning unverified content.

Content sanitization: HTML is parsed and scripts/styles are removed before scanning to reduce false positives.

No execution: This tool only fetches and scans. It never executes JavaScript or runs commands found in web content.

Example Output

Clean Fetch

text
Fetching: https://site.com/article
Fetched 1523 characters
Scanning with PromptGuard...

Article content here...

Blocked Content

text
Fetching: https://suspicious-site.com
Fetched 2048 characters
Scanning with PromptGuard...
============================================================
🛡️  SAFE-WEB SECURITY ALERT
============================================================
Source: https://suspicious-site.com
Severity: CRITICAL
Action: BLOCK_NOTIFY
Patterns Matched: 8

Detected Patterns:
  - instruction_override_en
  - role_manipulation_en
  - system_impersonation_en
============================================================

Content from https://suspicious-site.com has been blocked.

Search Results

text
Searching: AI research
Found 5 results, scanning...

Showing 3 clean results:

1. Latest AI Research Papers
   URL: https://arxiv.org/list/ai/recent
   Recent submissions in artificial intelligence...

2. AI Safety Institute
   URL: https://www.safe.ai/
   Research and development for safe AI systems...

When to Use

Use safe-web when:

  • Fetching content from untrusted URLs
  • Scraping web pages for analysis
  • Searching and processing web results
  • Any web content will enter the AI context window
Use standard web_fetch/web_search tools only for:
  • Trusted, known-safe domains
  • Internal documentation sites
  • When you explicitly want to bypass scanning

Comparison with Native Tools

FeatureNative web_fetchsafe-web fetch
Fetches HTML
Extracts text
Injection scanning
JSON output
Save to file
Exit codes0/10/1/2 (security)

Dependencies

  • Python 3.8+
  • PromptGuard 3.1.0+ (installed in workspace)
  • requests
  • beautifulsoup4
  • Brave Search API key (for search command)

Limitations

  • Search requires Brave API key (free tier available)
  • Fetch does not execute JavaScript (static HTML only)
  • Large pages may be truncated during text extraction
  • Network timeouts default to 30 seconds

Installation

Terminal bash 

openclaw install safe-web
Copied!

💻Code Examples

pip3 install --break-system-packages requests beautifulsoup4

pip3-install---break-system-packages-requests-beautifulsoup4.txt
## Usage

### Fetch Command

Fetch a URL and scan the content:

safe-web fetch https://example.com --strict

safe-web-fetch-httpsexamplecom---strict.txt
### Search Command

Search the web and scan results:

safe-web search "machine learning" --json

safe-web-search-machine-learning---json.txt
## Exit Codes

| Code | Meaning |
|------|---------|
| 0 | Success - content/results are clean |
| 1 | Error (network, parsing, etc.) |
| 2 | Threat detected - content blocked |

## Configuration

### Environment Variables

- `BRAVE_API_KEY` - API key for Brave Search (optional, enables search command)
  - Get one at: https://brave.com/search/api/

### Symlink (Recommended)

Create a system-wide symlink so `safe-web` works from any directory:

sudo ln -s /home/linuxbrew/.openclaw/workspace/skills/safe-web/scripts/safe-web.py /usr/local/bin/safe-web

sudo-ln--s-homelinuxbrewopenclawworkspaceskillssafe-webscriptssafe-webpy-usrlocalbinsafe-web.txt
After creating the symlink, you can use `safe-web` directly without specifying the full path.

## How It Works

### Fetch Flow
1. Downloads URL content with requests
2. Extracts text using BeautifulSoup (removes scripts, styles)
3. Scans extracted text with PromptGuard
4. Returns clean content or blocks with SHIELD report

### Search Flow
1. Queries Brave Search API (requires API key)
2. Scans each result title and description
3. Filters out suspicious results
4. Returns only clean results

## Security Model

**Fail-closed:** If PromptGuard cannot be loaded or scanning fails, the tool reports an error rather than returning unverified content.

**Content sanitization:** HTML is parsed and scripts/styles are removed before scanning to reduce false positives.

**No execution:** This tool only fetches and scans. It never executes JavaScript or runs commands found in web content.

## Example Output

### Clean Fetch
example.sh
# Install PromptGuard first
cd /home/linuxbrew/.openclaw/workspace/skills/prompt-guard
pip3 install --break-system-packages -e .

# Install web dependencies (if not present)
pip3 install --break-system-packages requests beautifulsoup4
example.sh
# Basic fetch
safe-web fetch https://example.com/article

# Save to file
safe-web fetch https://example.com --output article.txt

# JSON output for automation
safe-web fetch https://example.com --json

# Strict mode (block on MEDIUM)
safe-web fetch https://example.com --strict
example.sh
# Basic search
safe-web search "AI safety research"

# More results
safe-web search "stock market news" --count 10

# JSON output
safe-web search "machine learning" --json
example.txt
Fetching: https://site.com/article
Fetched 1523 characters
Scanning with PromptGuard...

Article content here...
example.txt
Fetching: https://suspicious-site.com
Fetched 2048 characters
Scanning with PromptGuard...
============================================================
🛡️  SAFE-WEB SECURITY ALERT
============================================================
Source: https://suspicious-site.com
Severity: CRITICAL
Action: BLOCK_NOTIFY
Patterns Matched: 8

Detected Patterns:
  - instruction_override_en
  - role_manipulation_en
  - system_impersonation_en
============================================================

Content from https://suspicious-site.com has been blocked.
example.txt
Searching: AI research
Found 5 results, scanning...

Showing 3 clean results:

1. Latest AI Research Papers
   URL: https://arxiv.org/list/ai/recent
   Recent submissions in artificial intelligence...

2. AI Safety Institute
   URL: https://www.safe.ai/
   Research and development for safe AI systems...

Tags

#web_and-frontend-development #web

Quick Info

Category Development
Model Claude 3.5
Complexity One-Click
Author adamnaghs
Last Updated 3/10/2026
🚀
Optimized for
Claude 3.5
🧠

Ready to Install?

Get started with this skill in seconds

openclaw install safe-web

Resources

📂
OpenClaw Skills
View on OpenClaw GitHub

Related Skills

✓ Verified 💻 Development

4claw

4claw — a moderated imageboard for AI agents.

🧠 Claude-Ready #ai_and-llms
)}
4.4 (118)
4,990
v1.0.0
✓ Verified 💻 Development

Aap Passport

Agent Attestation Protocol - The Reverse Turing Test.

🧠 Claude-Ready #ai_and-llms
)}
4.3 (89)
4,621
v1.0.0
✓ Verified 💻 Development

Acestep Lyrics Transcription

Transcribe audio to timestamped lyrics using OpenAI Whisper or ElevenLabs Scribe API.

GPT-Optimized #ai_and-llms #api #script
)}
3.8 (274)
17,648
v1.0.0
✓ Verified 💻 Development

Adaptive Suite

A continuously adaptive skill suite that empowers Clawdbot.

🧠 Claude-Ready #ai_and-llms #bot
)}
4.7 (88)
1,625
v1.0.0