Seo Reporter

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill appears to perform the advertised read-only SEO audit using curl, with only routine cautions about fetching user-supplied URLs and temporary local files.

This looks coherent for a URL-based SEO report. Before installing, understand that it will make read-only web requests to the URL you provide and may leave fetched page data in temporary local files; use it mainly for public or authorized pages.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Low
What this means

The skill will contact the website URL you provide, including robots.txt and sitemap.xml on that domain.

Why it was flagged

The skill delegates URL fetching and analysis to a shell script using a user-provided URL, which is expected for an SEO auditor but means the agent will make outbound HTTP requests.

Skill content
The agent should run `audit.sh` with the target URL and present the output as a formatted markdown report.
Recommendation

Use it only for public or authorized URLs, and avoid pointing it at internal services or private endpoints unless you intend that access.

ASI06: Memory and Context Poisoning
Low
What this means

If you audit a private or tokenized page, parts of the fetched content or headers may remain in a local temporary directory after the run.

Why it was flagged

The script stores fetched page HTML and response headers in a temporary local directory; the visible code does not show removal of those files.

Skill content
TMPDIR=$(mktemp -d)
HTML="${TMPDIR}/page.html"
HEADERS="${TMPDIR}/headers.txt"
Recommendation

Prefer auditing public pages, avoid sensitive URLs with tokens, and clean temporary files if the audited content is private.