Renxing Shangzhan
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An unrelated request to analyze something could be steered toward human-nature or marketing-trigger analysis.
These are generic triggers for a specialized business-warfare/marketing-analysis skill, so the skill may be invoked for broad analysis requests where its framing is not intended.
- "分析" - "analyze"
Use or configure this skill only for business/marketing analysis, and avoid relying on it for general-purpose analysis unless that framing is desired.
The agent may provide tactics that target fears, desires, or weaknesses of customer groups, which can be ethically or legally sensitive.
The skill is designed to produce actionable marketing strategies based on psychological weaknesses and triggers. This is consistent with the stated purpose, but users should notice the persuasion-oriented framing.
console.log("\n【1. 目标人群心理弱点分析】"); ... console.log("\n【可执行市场策略】"); ... console.log(`\n策略${i+1}: 利用${f.name}`);Apply human review and avoid using the output for deceptive, coercive, or vulnerable-user-targeting campaigns.
Publisher identity is less clear than ideal, so users have less provenance context for deciding trust.
The local metadata owner differs from the registry owner ID shown in the supplied metadata, and the source/homepage are not provided. This is a provenance note, not evidence of malicious behavior.
"ownerId": "bruce"
Install only if you trust the registry entry or publisher, and prefer packages with consistent ownership metadata and a verifiable source link.