From safe-fetch
This skill should be used when the user asks to "fetch a URL safely", "sanitize web content", "search the web securely", "check URL safety", "prevent prompt injection from web content", or discusses web fetching security. Also triggers when curl/wget is used to fetch web content.
Slash command
/safe-fetch:safe-fetch
Provide sanitized web fetching that strips prompt injection vectors before content reaches the LLM context.
Use the safe-fetch MCP tools for all web content retrieval:
mcp__safe-fetch__fetch — Fetch a URL and return sanitized markdown. Supports prompt parameter for focused extraction and max_tokens for content limits.
mcp__safe-fetch__search — Search the web via Brave Search API with sanitized results. Supports location for geo-localized results.
mcp__safe-fetch__check_url — Validate URL against security policy without fetching.
/fetch <url> [extraction focus] — Fetch with sanitization
/search <query> — Search with sanitization
/check-url <url> — Validate URL safety
Content passes through 6 defense layers:
Always prefer mcp__safe-fetch__fetch over raw curl because:
Set via environment variables when registering the MCP server:
ALLOWED_DOMAINS — Comma-separated domain allowlist
BLOCKED_DOMAINS — Additional blocked domains
RATE_LIMIT_PER_DOMAIN — Requests per minute per domain (default: 10)
RATE_LIMIT_GLOBAL — Global requests per minute (default: 60)
BRAVE_API_KEY — Required for web search
SAFE_FETCH_TIMEOUT — HTTP timeout in seconds (default: 30)
SAFE_FETCH_MAX_BODY — Max response body in bytes (default: 5MB)
npx claudepluginhub fakoli/fakoli-plugins --plugin safe-fetch
Validates URLs and sanitizes untrusted external content. Applies protocol checks, blocks dangerous URLs (localhost, private IPs), and wraps fetched content in security frames to prevent injection attacks.
Implements domain filtering, query validation, content moderation, and budget guardrails for Exa neural search integrations using exa-js.
Defends AI agents against prompt injection from untrusted content like web pages, GitHub issues/PRs, emails, Slack messages, RAG retrievals, and third-party repo files by treating it as data not commands, detecting patterns, refusing exfiltration, and surfacing suspicions to users.
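An added sketch, not the safe-fetch plugin's own code, of how the ALLOWED_DOMAINS, BLOCKED_DOMAINS and RATE_LIMIT_PER_DOMAIN settings listed above could be enforced before a fetch. The class and function names, the http/https-only rule, blocklist precedence, subdomain matching and the 60-second sliding window are assumptions, not documented behaviour of the plugin.

```python
import time
from collections import defaultdict, deque
from urllib.parse import urlsplit


def parse_domains(value):
    """Split a comma-separated env value into normalized domain names."""
    return {d.strip().lower().rstrip(".") for d in value.split(",") if d.strip()}


def domain_matches(host, domains):
    """True if host equals a listed domain or is a subdomain of one.

    Matching on a dot boundary keeps 'notexample.com' and
    'example.com.evil.test' from passing as 'example.com'.
    """
    return any(host == d or host.endswith("." + d) for d in domains)


class UrlPolicy:  # hypothetical name, for illustration only
    def __init__(self, env, clock=time.monotonic):
        self.allowed = parse_domains(env.get("ALLOWED_DOMAINS", ""))
        self.blocked = parse_domains(env.get("BLOCKED_DOMAINS", ""))
        self.per_domain = int(env.get("RATE_LIMIT_PER_DOMAIN", "10"))
        self.clock = clock
        self.hits = defaultdict(deque)  # host -> accepted timestamps, last 60 s

    def check(self, url):
        """Return (ok, reason) for one fetch attempt."""
        try:
            parts = urlsplit(url)
            host = (parts.hostname or "").rstrip(".")  # hostname is lowercased
        except ValueError:  # e.g. an unterminated IPv6 literal
            return False, "malformed"
        if parts.scheme not in ("http", "https") or not host:  # assumed rule
            return False, "scheme"
        if domain_matches(host, self.blocked):  # assumption: blocklist wins
            return False, "blocked"
        if self.allowed and not domain_matches(host, self.allowed):
            return False, "not-allowlisted"
        now, window = self.clock(), self.hits[host]
        while window and now - window[0] >= 60:  # drop hits older than 60 s
            window.popleft()
        if len(window) >= self.per_domain:
            return False, "rate-limited"
        window.append(now)  # only accepted requests count toward the limit
        return True, "ok"
```

The host is taken from the parsed URL rather than matched as a substring, so a URL such as `https://example.com@evil.test/` is evaluated against `evil.test`.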