Skill v1.0.1

ClawScan security

GEO Site Readiness Audit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Feb 28, 2026, 12:17 PM
Verdict
Review
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and docs mostly match an on‑site GEO audit, but there are several inconsistencies and sloppy details (missing dependency declarations, references to config files that are not present, and an apparent bug) that warrant review before installing or enabling autonomous runs.
Guidance
This skill appears to implement the advertised GEO site audit, but review and test before installing or enabling autonomous invocation. Actionable points:

- The scripts require Python and the 'requests' package; install and test locally (python3 + pip install requests). The registry metadata did not list these—fix that mismatch or be prepared to install dependencies.
- There are references in docs to config files (config/weights.json, config/webhooks.json) and helper scripts that are not included. Expect to create or supply these if you want weighted scoring, webhook notifications, or CI integration.
- scripts/geo_audit.py contains a programming bug (undefined variable 'html' in check_raw_html_content). That should be corrected before relying on automated runs.
- The tool fetches arbitrary URLs supplied to it. If the agent/runner has network access to internal hosts, an attacker could abuse the tool to probe internal services. Do not run with elevated network privileges or against sensitive internal hosts unless you trust the input and environment.
- The references include webhook examples; if you add webhook/email configuration, ensure those endpoints are trusted (they would receive audit reports).

If you want, I can: (a) point out the exact lines to fix the undefined variable, (b) generate a minimal requirements.txt and README fixes, or (c) scan the remainder of geo_audit.py (truncated here) for additional issues — tell me which you prefer.

Review Dimensions

Purpose & Capability
note
Name/description align with the included scripts: the package performs HTTP-based site audits across accessibility, schema, citability and technical checks. However, the registry metadata declares no required binaries or env vars while the code requires Python and the third‑party 'requests' library (the script exits if requests is missing). The SKILL.md and references also mention config files (e.g., config/weights.json, config/webhooks.json) and other helper scripts (compare_audits.py, check_threshold.py) that are not present in the manifest — a mismatch between declared requirements and actual runtime needs.
Instruction Scope
concern
Runtime instructions and scripts perform arbitrary outbound HTTP requests to user-supplied domains and write reports to disk (expected for an audit tool). The SKILL.md suggests using the skill whenever a user mentions auditing a website — that could cause the agent to issue many network requests automatically. There is also an apparent bug in scripts/geo_audit.py (check_raw_html_content refers to an undefined variable 'html'), which may cause crashes or incomplete audits. The references include webhook/email/CI examples; while these are examples, if the skill is extended to send notifications it could exfiltrate reports to external endpoints if configured (no webhooks are configured by default in the manifest). Important: running these scripts in an environment with access to internal/private networks could be used to probe internal hosts (SSRF-like behavior) — the instructions do not warn about that.
Install Mechanism
ok
No install spec is provided (instruction-only + Python scripts). This is lower install risk because nothing is automatically downloaded or executed by an installer. The only runtime dependency is the 'requests' library, which must be installed by the operator; that is a normal dependency for this kind of tool.
Credentials
note
The skill declares no required environment variables or credentials (good). The docs include example webhook and email config snippets (with placeholder URLs and SMTP credentials), but these are examples — the manifest does not require them. If you add webhook/email notifications in your environment, those secrets would be necessary; the skill itself does not request them. Still, the mismatch between docs referencing config/webhooks.json and the absence of such files is confusing and should be clarified.
Persistence & Privilege
ok
always: false and user-invocable: true (normal). The skill does not request persistent system-level configuration or modify other skills. It writes report files to the working directory when run (expected behavior for an audit tool).