ClawHub

brand-protection

v1.0.1

When the user faces brand impersonation, fake websites, phishing sites, or trademark infringement. Also use when the user mentions "fake site," "impersonatio...

0· 54·0 current·0 all-time
byKostja Zhang@kostja94
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actions in SKILL.md: discovery, evidence collection, reporting to registrars/hosts/search engines, and legal/remediation guidance. The skill does not request unrelated credentials, binaries, or install steps.
Instruction Scope
Instructions are focused on collecting URLs, screenshots, WHOIS/hosting data and submitting reports to the listed abuse/reporting endpoints — all appropriate. The SKILL.md also instructs the agent to read local project context files (.claude/project-context.md or .cursor/project-context.md) for brand info; this is reasonable but the package metadata did not declare those config paths as required, so callers should be aware the skill may read those files if present.
Install Mechanism
Instruction-only skill with no install spec and no code files — minimal risk from installation or remote downloads.
Credentials
No environment variables, credentials, or config paths are required. All external interactions are to public reporting tools and lookup services appropriate to the task.
Persistence & Privilege
always is false and there is no behavior that modifies other skills or requests persistent agent-wide privileges.
Assessment
This skill appears coherent for brand-impersonation response. Before installing: (1) understand it may read local project-context files (remove sensitive data from .claude/.cursor if you don’t want it used); (2) avoid uploading screenshots or customer data containing PII to public reporting forms—redact or get consent; (3) verify URLs and evidence before filing takedowns to avoid false reports; and (4) consult legal counsel for cease-and-desist/DMCA actions when unsure. No credentials or installs are requested, so the main risk is accidental disclosure of sensitive evidence when preparing reports.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ah4e0ct14e2rryvntzwa00184d2qc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments