v1.0.0

Google Reviews

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 6:26 AM.

Analysis

This is a coherent review-research and monitoring skill, with understandable notes around authorized Google access, recurring heartbeats, and local persistent storage.

GuidanceThis skill appears safe for its stated purpose. Before using recurring monitoring, decide which companies, Google sources, accounts, cadence, and local storage you want it to use. Do not place credentials, tokens, or private customer identifiers in the memory files, and periodically review or remove the ~/google-reviews/ directory if you stop monitoring.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Rogue Agents

SeverityLowConfidenceHighStatusNote

setup.md

Clarify how this should activate in future sessions: - Auto-activate for reputation and review monitoring requests - Stay quiet unless explicitly requested

The skill supports future activation preferences and recurring monitoring behavior, but frames this as a user-selected setup choice rather than hidden autonomous operation.

User impactIf the user enables monitoring, the agent may continue using stored preferences for future review-reporting requests and heartbeat-style updates.

RecommendationChoose the activation mode and monitoring cadence explicitly, and keep outbound alerts or posting ask-first unless you intentionally configure otherwise.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

SKILL.md

https://mybusiness.googleapis.com | Location and account identifiers, review query parameters | Business Profile review retrieval when user authorizes API workflows

The skill may use authorized Google Business Profile or Merchant workflows involving account, location, merchant, or product identifiers. This is aligned with review monitoring, but users should scope any authorization carefully.

User impactIf enabled, the skill may access review-related data tied to business or merchant accounts the user authorizes.

RecommendationAuthorize only the specific Google accounts, locations, merchants, or products needed for the review task, and avoid broad account-wide permissions when narrower access is available.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

SKILL.md

Memory lives in `~/google-reviews/` ... `snapshots/{brand}/{source}.jsonl` ... `heartbeat/monitor-state.md`

The skill persists monitoring preferences, source status, snapshots, reports, and heartbeat state locally. This is disclosed and purpose-aligned, but it creates reusable context that can persist across sessions.

User impactReview data, brand watchlists, monitoring thresholds, and reporting preferences may remain on the local machine after use.

RecommendationKeep the directory limited to monitoring-relevant data, avoid storing credentials or private customer identifiers, and delete or archive ~/google-reviews/ when monitoring is no longer needed.