Skill v1.0.0
ClawScan security
competitive-ops · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 8, 2026, 3:59 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's files and runtime instructions mostly match its competitive-intelligence purpose, but there are a few inconsistencies and operational behaviors (silent update check referenced but not present, npx installs/Playwright downloads, and optional external search fallback) that warrant caution before installing or running it.
- Guidance
- What to check before installing or running this skill:
  - Review the repository locally first: the code and scripts (scripts/*.py, export_pdf.js, export_image.js) are present and consistent with the described functionality — but always inspect them before executing them.
  - The setup steps call npx and pip (and Playwright, which downloads browser binaries). Run these manually in an isolated environment (use a Python virtualenv, and consider a disposable VM/container) rather than letting an agent run them unattended.
  - The README/CLAUDE.md instructs a silent update check (node update-system.mjs check). I could not find that script in the provided manifest — this mismatch is a warning. If an updater exists or is downloaded later, inspect its code and network endpoints before allowing it to run, because updaters can change behavior or pull remote code.
  - Tavily is optional: only set TAVILY_API_KEY if you trust that service. Do not put other secrets into environment variables for this skill.
  - The skill performs network research (web-search, web-fetch, and optional Tavily). Expect outbound network calls, and expect that search metadata (company names, queries) will leave your environment. If that is sensitive, do not enable the external search fallback, or run in an environment with restricted network access.
  - If you want to use the HTML/PDF export features, confirm you are comfortable installing uipro-cli and Playwright (these will download code/binaries from npm and Playwright's browser hosts).
  - Bottom line: the project appears coherent for its purpose, but the missing/ambiguous updater reference and the need to run external installers/downloaders justify caution — inspect any updater script, run installs manually in an isolated environment, and only provide API keys (Tavily) when intentionally opting in.
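The first three checks above (does every script the instructions tell the agent to run actually ship in the manifest, which setup commands pull code from the network, and which secret-like environment variables the docs ask for) can be scripted so they are applied before an agent ever runs the skill. The following is an added example written for this page, not part of the scanner output and not the skill's own code. It assumes the skill is unpacked into a directory with SKILL.md / CLAUDE.md / README.md at its root; the `FIXTURE_SKILL_MD` text and the file list are constructed to mirror the mismatch the scanner describes (an instruction to run `node update-system.mjs check` with no such file present), and are not the real skill's files.

```python
"""Pre-install audit of an agent skill directory (added example, not the skill's code).

Cross-checks the scripts that SKILL.md / CLAUDE.md / README.md tell the agent to run
against the files actually shipped, lists install commands that fetch code or binaries
from the network, and lists secret-like environment variables the instructions mention.
"""
import re
import sys
import tempfile
from pathlib import Path

INSTRUCTION_FILES = ("SKILL.md", "CLAUDE.md", "README.md")

# "node update-system.mjs check", "python scripts/foo.py ..." -> the local script path.
LOCAL_SCRIPT_RE = re.compile(
    r"\b(?:node|python3?|bash|sh)\s+([\w./-]+\.(?:mjs|cjs|js|py|sh))\b")
# Installers that pull code or binaries from npm / PyPI / browser hosts at run time.
NETWORK_INSTALL_RE = re.compile(
    r"\b(npx\s+[^\n`]+|npm\s+(?:i|install)\b[^\n`]*|pip3?\s+install\b[^\n`]*)")
# Secret-looking environment variables the docs ask the user to set.
ENV_RE = re.compile(r"\b([A-Z][A-Z0-9_]*_(?:API_KEY|TOKEN|SECRET|PASSWORD))\b")


def audit_skill(skill_dir):
    """Return what the instruction files reference versus what the manifest ships."""
    root = Path(skill_dir)
    shipped = {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}
    referenced, installs, env_vars = {}, [], set()
    for name in INSTRUCTION_FILES:
        doc = root / name
        if not doc.is_file():
            continue
        text = doc.read_text(encoding="utf-8", errors="replace")
        for m in LOCAL_SCRIPT_RE.finditer(text):
            referenced.setdefault(m.group(1), set()).add(name)
        installs += [(name, m.group(1).strip()) for m in NETWORK_INSTALL_RE.finditer(text)]
        env_vars.update(ENV_RE.findall(text))
    # A script the instructions run but the manifest does not contain is the red flag:
    # whatever eventually fills that path decides what runs on session start.
    missing = {s: sorted(f) for s, f in referenced.items() if s not in shipped}
    return {
        "present_scripts": sorted(s for s in referenced if s not in missing),
        "missing_scripts": missing,
        "network_installs": installs,
        "env_vars": sorted(env_vars),
    }


# Constructed fixture mirroring the scanner's findings; not the real skill's files.
FIXTURE_SKILL_MD = """# competitive-ops (constructed fixture)

On first message run the silent update check: `node update-system.mjs check`

Setup:
- `pip install -r requirements.txt`
- `npx playwright install`
- `npx uipro-cli init`

Optional: set TAVILY_API_KEY to enable the external search fallback.

Analyze pricing with `python scripts/pricing_analyzer.py data/competitors.md`.
"""
FIXTURE_FILES = ("scripts/pricing_analyzer.py", "data/competitors.md",
                 "export_pdf.js", "export_image.js", "requirements.txt")


def build_fixture(target):
    """Write the constructed skill tree (deliberately without update-system.mjs)."""
    root = Path(target)
    (root / "SKILL.md").write_text(FIXTURE_SKILL_MD, encoding="utf-8")
    for rel in FIXTURE_FILES:
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text("# placeholder\n", encoding="utf-8")
    return root


def demo():
    """Audit the constructed fixture in a temporary directory and return the report."""
    with tempfile.TemporaryDirectory() as tmp:
        return audit_skill(build_fixture(tmp))


def main(argv):
    report = audit_skill(argv[1]) if len(argv) > 1 else demo()
    for key, value in report.items():
        print(f"{key}: {value}")
    return 1 if report["missing_scripts"] else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python audit_skill.py /path/to/unpacked-skill`; with no argument it audits the constructed fixture, which reports `update-system.mjs` as referenced by SKILL.md but absent, three network-fetching install commands, and `TAVILY_API_KEY` as the only secret-like variable. A non-zero exit on any missing script makes it easy to gate an install step on the result.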
Review Dimensions
- Purpose & Capability
- ok · The name/description (competitive intelligence pipeline) aligns with the included files (report templates, pricing analyzer, export scripts, many sample reports) and the SKILL.md instructions. The required env/configs declared are minimal and consistent (Tavily is opt‑in).
- Instruction Scope
- concern · SKILL.md instructs the agent to read and write local project files (data/competitors.md, reports, snapshots), which is expected. However, it also directs running external installs and commands (npx playwright install, npx uipro-cli init, pip install -r requirements.txt) and refers to running a silent update checker (node update-system.mjs check) on the first message. The manifest does not clearly include update-system.mjs (the instruction references a script that appears to be missing), which is an incoherence and a potential red flag, because an absent-or-remote updater can change runtime behavior. The skill also uses web-search/web-fetch/Tavily fallbacks; network calls are expected for this purpose but will transmit queries externally.
- Install Mechanism
- note · There is no packaged install spec; this is instruction-driven. The setup steps rely on npx (npm packages), pip installs, and Playwright browser downloads. Those are standard for the functionality (HTML/PDF export, screenshots), but they pull code/binaries from the network at install time, a moderate operational risk that should be run manually and reviewed in a controlled environment.
- Credentials
- ok · The skill declares no required environment variables and no primary credential; the Tavily API key is optional and explicitly opt‑in in the docs. No unrelated credentials are requested. This is proportionate to a tool that optionally uses an external search service.
- Persistence & Privilege
- note · `always:false`, and no declared requests to modify other skills or system-wide configs. However, SKILL.md/CLAUDE.md instructs running an 'update checker' on session start and mentions monitor/loop modes for scheduled monitoring; these enable persistent or recurring network activity if exercised. Because the referenced updater script is not visible in the manifest, this behavior should be audited before allowing autonomous execution.
