PLS Website Audit
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a straightforward website audit guide with purpose-aligned commands and no evidence of hidden credential use, persistence, or data exfiltration.
Before installing, be aware that the skill may guide your agent to run website-checking commands and optional third-party audit tools. Use it only on sites you are allowed to test, and verify any npx or pip tools before running them.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the audit may send multiple requests to the target website.
The skill documents recursive website crawling for broken-link checking. This is expected for a website audit, but it can generate traffic and should be limited to authorized targets.
wget --spider -r -l 2 https://example.com 2>&1 | grep -E "(broken|failed|error)"
Use the skill only on websites you own or are authorized to test, and keep crawl depth/rate appropriate for the site.
If the user chooses to run those commands, external packages may be downloaded and executed locally.
The skill suggests optional external CLI tools installed or run through npx and pip without pinned versions. This is common for audit tooling, but it relies on external package provenance.
npx lighthouse https://example.com --only-categories=performance --output=json ... npx web-vitals https://example.com ... pip install LinkChecker
Install audit tools from trusted sources, consider pinning versions, and review package provenance before running npx or pip commands.