Market Intelligence Claw
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill appears purpose-aligned for market research, but users should notice that optional paid APIs and provider credentials may be used.
This skill looks safe to install as an instruction-only market-research helper. Before using optional tiers, create dedicated provider credentials, set quota and spend limits, review every planned query, and avoid sharing confidential business or customer information.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Approving a plan could send public search terms to third-party providers and consume paid API credits.
The skill uses external and potentially cost-bearing APIs, but it explicitly requires a research plan and user approval before running searches.
I can also use paid APIs ... I show you every planned search before running it and wait for your OK
Review each research plan, use the free tier when possible, and only approve paid API calls you understand.
If enabled, provider credentials could authorize API usage and potentially incur charges on the user’s account.
The optional DataForSEO tier requires account credentials rather than just a scoped API key, which is sensitive even though it is purpose-aligned.
Auth: Login + password (not API key) ... Authorization: Basic base64("{login}:{password}")Use dedicated low-privilege credentials where possible, set spend caps and quotas, avoid production/shared passwords, and rotate credentials after use if concerned.
Business strategy details shared with the agent may be reused during the session to guide research and recommendations.
The skill maintains a business profile in the conversation context, but it also tells the agent not to collect more sensitive business or customer data.
Business Profile: name ... industry ... target_customer ... platforms ... competitors ... geography ... goals ... Never collect or store: exact revenue, customer personal data
Share only the business details needed for the research task and keep confidential revenue, customer, credential, or internal strategy data out of the profile.