ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Beta Competitor Analysis

v1.0.0

Comprehensive competitor analysis framework. Research competitors, compare products, identify gaps, and find positioning opportunities. Used by startups, inv...

0· 39·0 current·0 all-time
by@1477009639zw-blip
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The SKILL.md promises a comprehensive framework (positioning maps/2D visualizations, Porter/SWOT integration, detailed comparisons, configurable reports) but the included analysis.py is a 150-line script that simply prints a hard-coded, static Markdown report. The code does not implement visualization, pricing scraping, data collection, category-based analysis, or most CLI flags shown in SKILL.md. This is a clear mismatch between claimed capability and actual implementation.
!
Instruction Scope
SKILL.md instructs running examples like --category, --report, and --output flags, but analysis.py only accepts --competitors and a required --us argument (which SKILL.md examples omit). Neither SKILL.md nor the script reference reading environment variables, network calls, or files; the script also performs no I/O beyond printing to stdout. The instruction set therefore overpromises and is inconsistent with the actual runtime behavior.
Install Mechanism
No install spec; the skill is instruction-only with a small included Python script and requires only python3 on PATH. No downloads, archives, or external installers are present.
Credentials
The skill declares no required environment variables or credentials, and the code does not access env vars or external config paths. The requested environment access is minimal and proportional to the contained code.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify agent/system configs. It does not request elevated privileges or access to other skills' settings.
What to consider before installing
This skill appears safe to run (no network, no credentials required), but it is misleading: the SKILL.md advertises features (visualizations, advanced reports, category-based analysis) that the included script does not implement. If you plan to use it, either (1) ask the publisher for a corrected SKILL.md or a real implementation that supports the advertised flags and visualization output, (2) inspect and test the script locally with non-sensitive example input (note the script requires a --us argument that examples omit), or (3) rewrite or extend the script to implement the desired analysis. Do not rely on the printed output as a real analysis — it's a static, templated report and may be inaccurate or incomplete.

Like a lobster shell, security has layers — review code before you run it.

businessvk97ee8g6dcwzmaxwvnvtqph07583rejvlatestvk97ee8g6dcwzmaxwvnvtqph07583rejvresearchvk97ee8g6dcwzmaxwvnvtqph07583rejvstrategyvk97ee8g6dcwzmaxwvnvtqph07583rejv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis
Binspython3

Comments