Phishing Kit Detector

Pass. Audited by ClawScan on May 10, 2026.

Overview

The skill mostly matches its phishing-detection purpose, but users should verify the source and pricing, and understand it will contact chosen URLs and read a local license/email setting.

Before installing, verify the repository or package source, confirm the correct pricing/licensing terms, and only run scans against URLs and local HTML files you are authorized to analyze. The static 'eval(atob' signal appears consistent with detecting obfuscated phishing JavaScript rather than executing it.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the skill may send network requests to the URL being analyzed and reveal that the user's environment accessed that site.

Why it was flagged

The skill can fetch and analyze user-supplied URLs. This is central to phishing detection, but it can still contact third-party infrastructure and should be limited to authorized targets.

Skill content

python3 phishing_detector.py --url "https://suspicious-site.com/login"

Recommendation

Use it only on domains you own or are authorized to audit, and review URL arguments before running.

What this means

A user who installs from the referenced repository could receive code that differs from the reviewed artifact if the repository changes.

Why it was flagged

The README points to an unpinned external repository, while the registry source is unknown and there is no install spec. This is user-directed setup, not automatic execution, but provenance should be checked.

Skill content

git clone https://github.com/snipercat69/edgeiq-phishing-kit-detector.git

Recommendation

Install only from a trusted source, inspect the files before running, and prefer a pinned release or commit.

What this means

The skill may read a local EdgeIQ license key or email value from the environment.

Why it was flagged

The scanner reads a local license file and also checks the EDGEIQ_EMAIL environment variable for Pro access. This is purpose-aligned licensing behavior, and the shown code does not transmit those values.

Skill content

LICENSE_FILE = Path.home() / ".edgeiq" / "license.key"

Recommendation

Only set license-related environment variables you intend the tool to read, and avoid placing unrelated secrets in the same files.

What this means

A user could be confused about what they are buying or which payment link is authoritative.

Why it was flagged

This pricing conflicts with SKILL.md's '$39 lifetime' and '$7/mo' language and with other upgrade text in the license module. The inconsistency affects user trust and purchase clarity.

Skill content

Pro ($19/mo) or Bundle ($39/mo)

Recommendation

Verify current pricing and licensing terms with the publisher before paying.