Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Geo Compare
v1.2.0
Compare GEO scores across 2-3 competing websites side by side — identify where competitors lead and where you should focus optimization efforts. Use when the...
⭐ 0 · 30 · 1 current · 1 all-time
by Eugene Liu @enzyme2013
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
Medium confidence
Purpose & Capability
The skill claims to run full parallel GEO audits and to read subagent instructions and a scoring guide from ../geo-audit/references/*. However, the package is instruction-only and neither includes those referenced files nor declares a dependency on a geo-audit skill/repo. The instructions therefore assume external artifacts or another skill will be present; this is an incoherence between the claimed capability and what is actually provided.
Instruction Scope
The SKILL.md instructs the agent to fetch and analyze user-supplied URLs (expected for this purpose) and to launch subagents (Technical, Citability, Schema, Brand). It also instructs reading local relative paths for subagent specs and scoring rules. Because those files are absent and no dependency is declared, the agent may either fail, attempt to locate unrelated files, or misuse other available resources. The SKILL.md does include explicit guidance to treat fetched HTML as untrusted and to log prompt-injection attempts, which is a positive control, but the presence of prompt-injection patterns (see scan findings) inside the skill text itself is notable.
Install Mechanism
No install spec and no code files are present — lowest disk/write risk. The README mentions an npx install command, but there is no install script in the package. Lack of an install step reduces installation risk but exacerbates the dependency/integration mismatch.
Credentials
The skill requests no environment variables, no credentials, and no config paths. There is no overt request for secrets or unrelated permissions, which is proportionate to an auditing/comparison skill.
Persistence & Privilege
always:false and the skill is user-invocable; it does not demand permanent presence or elevated agent privileges. Autonomous model invocation remains possible (platform default), but there is no additional persistence or system-wide config modification requested by the skill itself.
Scan Findings in Context
[prompt-injection:ignore-previous-instructions] expected: The SKILL.md explicitly documents prompt-injection phrases (e.g., 'Ignore previous instructions') as examples to detect and ignore when encountered in fetched content, so the presence of the pattern inside the skill is expected as part of its 'Untrusted Content Handling' guidance. The registry pre-scan still flagged it because such strings are commonly used in malicious payloads; remain vigilant when fetching external pages.
What to consider before installing
This skill is instruction-only and clearly describes how to compare GEO scores, but it refers to ../geo-audit/* documents and subagent specs that are not bundled and are not declared as dependencies. Before installing or running it, confirm one of the following: (a) you already have the referenced geo-audit skill/repository and its files available to the agent, or (b) the skill author provides the missing scoring guide and subagent definitions. Test the skill on non-sensitive public URLs first. Because it fetches arbitrary user-supplied pages, ensure the agent's network access is appropriately sandboxed and avoid providing any credentials. If you plan to let the agent run autonomously, require explicit approval before allowing it to launch parallel subagents or fetch external sites. If you cannot verify the external geo-audit artifacts or trust the skill source, do not run it.
SKILL.md:24
Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
Like a lobster shell, security has layers — review code before you run it.
Tags: ai-visibility, geo, latest, seo