GEO Competitor Scanner
PassAudited by ClawScan on May 1, 2026.
Overview
The skill performs the disclosed competitor website scans and report generation, with no artifact evidence of credential use, persistence, hidden exfiltration, or destructive behavior.
This appears safe for its stated purpose. Before installing or running it, confirm you are comfortable making HTTP requests to the listed competitor domains, choose a safe output file path, and install any needed Python packages from trusted sources.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Scanned websites may receive requests from the user's environment, and large competitor lists could generate multiple outbound requests.
The scanner makes outbound HTTP requests to domains supplied through the brand and competitor arguments. This is central to the advertised website-scanning purpose, but users should recognize that running it contacts those sites.
resp = requests.get(url, timeout=self.timeout, allow_redirects=True)
Use it only for public domains you are comfortable scanning, keep competitor lists reasonable, and be mindful of site terms or rate limits.
A user may need to install Python dependencies manually before running the scanner.
The script depends on external Python packages, but the metadata has no install spec or pinned dependency versions. The artifact does not auto-install them, so this is a setup/provenance note rather than a concern.
print("Error: pip install requests beautifulsoup4")Install dependencies from trusted package sources and consider pinning versions in your own environment.