Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Geo Monitor
v1.2.0
Re-audit a website and compare scores against a previous GEO audit baseline to track improvement over time. Use when the user asks to re-audit, check progres...
by Eugene Liu @enzyme2013
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description (re‑audit + compare to baseline) match the instructions: the skill reads a baseline file (or auto-detects one), fetches the target site, runs the geo‑audit procedure, and computes deltas. It does rely on related geo-audit reference files (../geo-audit/...) being present, which is a legitimate dependency but means the skill is not self-contained.
Instruction Scope
Instructions are scoped to auditing and comparison. The runtime steps include reading a baseline Markdown file from the current directory (or a provided path) and reading subagent reference docs from ../geo-audit/references/*. That requires filesystem access to those paths. It also fetches user-supplied URLs (network outbound) and explicitly treats fetched HTML as untrusted and warns about prompt injection. This is appropriate for the stated purpose but you should confirm the referenced ../geo-audit files exist in the agent environment.
Install Mechanism
No install spec or code files are present; this is instruction-only and therefore does not write code or binaries to disk during install.
Credentials
The skill declares no environment variables, no secrets, and no config paths beyond opening baseline and reference Markdown files. That is proportional for a re‑audit/comparison skill.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not modify other skills or system configs. Autonomous invocation is allowed (platform default) and is appropriate for this utility.
Scan Findings in Context
[prompt-injection-pattern:ignore-previous-instructions] expected: The scanner found a prompt-injection pattern string. The SKILL.md intentionally documents prompt-injection attempts and explicitly instructs the agent to treat fetched content as untrusted and to ignore such instructions, so the presence of the string appears defensive/expected rather than malicious.
Assessment
This skill appears to do what it says: re-audit a site and compare against a baseline. Before installing, confirm the environment where the agent runs contains the referenced geo-audit files (../geo-audit/references/) and any baseline report files you expect it to read; otherwise the skill may fail. Be aware it will make outbound requests to the target URL(s) you provide and will read local Markdown baseline files in the working directory. The SKILL.md contains explicit anti‑prompt‑injection guidance (the scanner flagged an injection pattern, but it is present as an example and defensive instruction). If you plan to run audits on internal or sensitive sites, ensure network access and data handling policies are acceptable. If you want stronger isolation, run the skill in a controlled environment or verify the referenced geo-audit documents first.
SKILL.md:24
Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
Like a lobster shell, security has layers — review code before you run it.
