GEO Performance Analysis
PassAudited by ClawScan on May 7, 2026.
Overview
This is a coherent DeepSeek-based brand visibility analyzer, but users should know it requires a DeepSeek API key and sends the brand/category query to that provider.
Before installing, confirm you are comfortable using a DeepSeek API key and sending the brand/category being tested to DeepSeek. Use a trusted environment, watch API costs, and consider pinning dependencies if you deploy this beyond casual testing.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may consume the user's DeepSeek API quota and requires protecting the API key.
The skill uses a DeepSeek API key from the environment to make provider API calls. This is sensitive account authority, but it is expected for the stated API-based analysis and is not hardcoded.
api_key = os.getenv("DEEPSEEK_API_KEY") ... base_url="https://api.deepseek.com/v1"Use a dedicated or restricted DeepSeek API key where possible, set it only in a trusted environment, and monitor provider usage/costs.
Brand/category terms and resulting analysis context may be visible to the DeepSeek API provider.
The brand name, category keyword, and generated recommendation text are sent through DeepSeek chat-completion calls. This matches the skill purpose and the SKILL.md disclosure, but it is still an external provider data flow.
probing_prompt = f"作为一个客观的行业专家,请为我推荐几个优秀的【{category_keyword}】解决方案..." ... judge_user_prompt = (f"目标品牌/产品:{brand_name}\n\n" f"待分析文本:\n{probing_text}\n\n")Avoid submitting confidential launch names, private strategy terms, or regulated data unless DeepSeek's data handling terms are acceptable.
Dependency behavior could change over time if newer package versions are installed.
The declared dependencies are package-version ranges rather than pinned artifacts, so a future install can resolve different dependency versions. This is common for Python skills and is not suspicious by itself.
openai>=1.0.0 pydantic>=2.0.0 python-dotenv>=1.0.0
For production or sensitive use, install in a clean virtual environment and consider pinning exact dependency versions.