ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Industry Research

v1.0.0

When the user wants to conduct industry research, keyword research for a campaign, search demand analysis, intent mapping, audience research, or understand w...

0· 61·0 current·0 all-time
byMario Karras@mariokarras·duplicate of @mariokarras/industry-research
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to orchestrate Ahrefs, Firecrawl, and Exa — that purpose is plausible. However the package metadata declares no required binaries, no required env vars, and no config paths even though the runtime instructions explicitly rely on exa.js, firecrawl.js, and an AHREFS_API_KEY (or MCP access). The absence of declared dependencies/credentials is an inconsistency: a legitimate integrator would normally list required CLIs and the AHREFS_API_KEY (or MCP access) up front.
!
Instruction Scope
SKILL.md instructs the agent to read .agents/product-marketing-context.md (or .claude/...) if present and to write output to .agents/industry-research-{client}.md. It also contains detailed commands that run exa.js and firecrawl.js and call Ahrefs endpoints using $AHREFS_API_KEY. Those file reads/writes and env var accesses are not declared in the skill manifest. Reading repository-local context files and writing artifacts may be acceptable for research tasks, but the instructions grant broad discretion to access files and run external tools — this should be explicit and reviewed.
Install Mechanism
This is an instruction-only skill (no install spec), which is lower-risk in that nothing is shipped to install on the agent. However, the runtime expects external binaries (exa.js, firecrawl.js, and possibly mcporter / MCP tooling). Because there is no install step and no declared required binaries, the agent operator might be prompted to install or already have unvetted third-party CLIs — a usability and supply-chain gap.
!
Credentials
The SKILL.md explicitly references an AHREFS_API_KEY and suggests using an Ahrefs MCP server or MCP tooling; yet requires.env lists no environment variables and primary credential is none. This is a proportionality mismatch: the skill will fail or attempt to proceed without credentials, and if credentials are provided implicitly to the agent they may be used by this skill without clear declaration. There may be additional implicit credential requirements for MCP or other services that are not declared.
Persistence & Privilege
always is false and the skill does not request system-wide persistence. It does instruct writing an artifact into the agent workspace (.agents/industry-research-{client}.md), which is normal for an output artifact. Autonomous invocation is enabled by default (not flagged here), so ensure you understand when the agent may run this workflow automatically.
What to consider before installing
This skill is plausible for industry/keyword research but contains several unexplained mismatches. Before installing or enabling it: - Confirm required binaries: verify that exa.js, firecrawl.js (and any MCP tooling) are intentionally available in the agent runtime. Ask the skill author to list required CLIs and versions. - Confirm credentials: the instructions reference AHREFS_API_KEY (and MCP access). Do not expose API keys unless you trust the skill and understand where outputs are written. Ask the author to declare required environment variables in the manifest. - Review file access: the skill will read .agents/product-marketing-context.md (and .claude/...) if present and will write .agents/industry-research-{client}.md. Ensure you’re comfortable with those reads/writes and that no sensitive files could be read inadvertently. - Scraping and legal risk: the workflow runs web-scraping tools and may hit third-party sites. Confirm scraping behavior complies with site terms and your organization’s policies. - Operational test: run it in a sandboxed agent or with fake/test credentials first to observe behavior (what network calls it makes, what files it reads/writes) before giving real credentials or enabling autonomous runs. If the author updates the manifest to declare the CLIs and AHREFS_API_KEY (or documents alternative no-credential modes) and documents exactly which files are read/written, the skill would be much easier to assess and less risky.

Like a lobster shell, security has layers — review code before you run it.

latestvk9703k80zjmpx8f05pnfrs53mn83em7d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments