company-search-kimi
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may send the company being researched and related query terms to search/fetch services and retrieve many public webpages.
The skill explicitly relies on search and page-fetching tools to collect public company information. This is purpose-aligned, but users should understand that it performs broad external web lookups.
Tools Required - kimi_search ... kimi_fetch ... (optional) web_search / web_fetch
Use it for public-source research and avoid entering confidential investigation details unless you are comfortable sending those queries to the search provider.
Users have less external provenance information to confirm who authored or maintains the skill.
The registry metadata does not provide a source or homepage, and the package name/version do not exactly match the registry entry. There is no executable code or install step, so this is a provenance note rather than a material concern.
Source: unknown; Homepage: none; registry version: 1.0.4; package.json version: 2.0.0
Review the visible instructions before use and prefer skills with clear source/homepage metadata for higher-assurance environments.