Seo Reporter

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to perform a straightforward read-only SEO audit, but it will run a local script that makes web requests to the URL you provide.

This skill looks safe for ordinary webpage SEO checks. Before installing, be aware that it runs a Bash script using curl and will make web requests to the URL you provide, so only audit pages you are comfortable contacting from your machine.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#ASI02: Tool Misuse and Exploitation

Low

What this means

Running the skill will contact the supplied website from the user's environment and may also contact related URLs on the same domain.

Why it was flagged

The script makes outbound HTTP requests to the user-supplied target URL and also derives robots.txt and sitemap.xml URLs for additional checks.

Skill content

HTTP_CODE=$(curl -s -o "$HTML" -D "$HEADERS" -L -A "seo-reporter/1.0" ... "$TARGET_URL" ...)

Recommendation

Use it only for URLs you intend to audit, and avoid passing private, token-bearing, or internal-only URLs unless that is deliberate.