competitor-analysis

The skill's purpose (competitor SEO analysis) is plausible, but the runtime instructions and metadata disagree about required credentials and connector access in ways that are unexplained and disproportionate.

This skill appears to be what it says (templates and instructions for competitor SEO analysis) but has unexplained credential and connector inconsistencies. Before installing or providing any API keys: 1) Ask the author to explain SKILLBOSS_API_KEY — what service it authenticates to, what scopes it requires, and why it's necessary. 2) Confirm which third‑party connectors (Ahrefs/SEMrush/Moz/Google Analytics/Search Console/AI monitor) will be used and supply per‑service, least‑privilege API keys (not org-wide tokens). 3) If you prefer to avoid external connectors, use the manual-data mode (provide competitor URLs/metrics yourself). 4) Do not share long‑lived or highly privileged credentials with the skill until you verify the data flows and storage. If the author updates the registry to declare exact env vars and documents how connectors access data (and limits SKILLBOSS key scope), my confidence would increase and the assessment could move to benign.