ClawHub

Brandomica Lab

v1.0.5

Check brand name safety across domains, social handles, trademarks, app stores, and SaaS channels. Get availability scores, safety assessments, and filing re...

0· 197·1 current·1 all-time
byBrandomica Lab@brndmk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, listed checks (domains, social, trademarks, app stores, registries) and the requirement of npx + an npm package are coherent: these operations commonly require network queries and a small CLI/server package to orchestrate them.
Instruction Scope
SKILL.md stays on-topic (describes brand checks and workflows) and does not ask for unrelated files or environment variables. However the instructions are high-level and do not explain where results or evidence documents are sent — the tool names imply network activity and possible backend communication, which is expected for this kind of service but is not explicitly described.
Install Mechanism
Install uses a node package (brandomica-mcp-server). Pulling and running code from npm is a common and expected approach for a CLI/server skill, but npm packages execute code from the registry and are moderate risk. The clawhub.json points to a GitHub repo which you should review before installing.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate for public searches (domains, app stores, trademark databases) which typically don't need secrets.
Persistence & Privilege
always:false (default), no config paths, and no claims of modifying other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not excessive here.
Assessment
This skill appears internally consistent for brand-safety checks, but installing the npm package will download and run third-party code. Before installing: review the package repository (https://github.com/BRNDMK/brandomica-mcp-server), inspect package.json and source for network endpoints and data handling, prefer running it in a sandboxed environment, do not supply secrets or credentials, and monitor network traffic on first runs. If you need stronger assurance, ask the publisher for a signed package or a reproducible build you can audit.

Like a lobster shell, security has layers — review code before you run it.

latestvk97avrs84nh5agahpq6vn2z6xh82m8ae

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis
Binsnpx

Install

Nodenpm i -g brandomica-mcp-server

Comments