Seo Prospector
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may need local Python and external service setup even though those are not fully captured in registry requirements.
The registry requirements are sparse even though the skill documentation invokes Python scripts and the manifest references an external Perplexity API. This is an under-declared setup requirement, not evidence of malicious behavior.
Required binaries (all must exist): none ... Required env vars: none
Before using it, confirm Python is available and review any Perplexity or notification credentials/configuration you choose to add.
If outreach drafts are sent without verifying the claims and recipient preferences, they could be perceived as spam or misrepresent the audit findings.
The skill generates persuasive outbound marketing content. This matches the stated lead-generation purpose, and the artifacts include review/checklist language, but sending unreviewed drafts could affect reputation or compliance.
Creates personalized outreach (HTML emails, LinkedIn messages, DMs)
Manually review every outreach message, verify the SEO findings are current, and follow applicable email, SMS, and platform rules.
If a user configures scheduled runs, the skill could continue researching and generating pipeline data on a schedule.
The manifest advertises scheduled automation. This is disclosed and purpose-aligned for recurring prospecting, but any cron job can keep running until explicitly disabled.
creates personalized HTML outreach emails — all automated via cron jobs
Only enable cron jobs intentionally, set limits on runs and API usage, and document how to stop or remove the schedule.
Lead records, research reports, and outreach status may remain in the workspace after a run.
The skill keeps persistent prospect and pipeline state. This is expected for deduplication and tracking, but it means business/contact data and outreach status may be retained and reused.
Tracks everything in a database with dedup + cluster rotation
Review the stored lead data periodically, avoid adding unnecessary personal data, and delete stale records when they are no longer needed.
Business prospect details and pipeline summaries may be sent to third-party services if those integrations are configured.
The skill discloses external provider use for web research and summaries. These flows are purpose-aligned, but users should be aware that prospect queries or summary data may leave the local workspace.
perplexity (for web research — free tier works) ... Daily pipeline summaries delivered to Discord
Check provider settings, webhook destinations, and privacy expectations before sending prospect reports or summaries externally.