Skill v1.0.0
ClawScan security
SEO Automated Content Pipeline · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict: Suspicious (Apr 16, 2026, 1:28 AM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill coherently describes an SEO content pipeline but omits key operational details (publishing/authentication and external tool integrations) that are necessary for its claimed capabilities, creating a mismatch that warrants caution.
- Guidance: This is an instruction-only SEO pipeline that describes auto-publishing and scraping-like analysis but does not declare how it will authenticate or which external services it will talk to. Before installing or using it: 1) Ask the author to document the publish/authentication flow (which CMS APIs, how credentials are provided, whether OAuth or limited-scope API keys are used). 2) Require explicit, per-publish user confirmation rather than silent publishing. 3) Never paste long-lived admin credentials into a chat; use time-limited or least-privilege API tokens with narrow scope. 4) Confirm which external SEO tools or endpoints (if any) will be called and what data is sent to them. 5) Plan to review generated content before publish to avoid factual errors or policy violations. 6) Because there is no shipped code, the actual runtime behavior depends on how your agent implements these instructions; if you need stronger assurances, request the author add explicit integration steps, required env vars, and safety guardrails (publish confirmation, rate limits, logging) before enabling automated publishing.
Review Dimensions
- Purpose & Capability (concern): The skill claims end-to-end automation including 'Auto-publish to website CMS' and competitor/keyword analysis. Those actions normally require CMS credentials (e.g., WordPress API credentials) and/or third-party SEO tool APIs (Ahrefs/SEMrush/etc.). The skill declares no required environment variables, credentials, or integration endpoints, which is inconsistent with the stated purpose.
- Instruction Scope (note): SKILL.md instructs the agent to 'search for competitor websites' and 'analyze competitor content layout and keyword coverage' and to 'auto-publish' generated articles. Instructions do not define how external requests should be made, what endpoints are trusted, nor do they require explicit user confirmation flows. This leaves broad discretion to the agent at runtime (e.g., web scraping, sending content to unknown endpoints, or prompting the user to paste credentials).
- Install Mechanism (ok): There is no install spec and no code files; this is instruction-only. That minimizes disk/install risk because nothing is downloaded or executed from an external URL as part of installation.
- Credentials (concern): The skill requests no environment variables or credentials despite describing actions that require them (CMS publishing, possibly SEO API keys). Absence of declared credential requirements is a mismatch: publishing or integration steps will need secrets at runtime, creating risk that the agent will request them interactively or be configured later with broad credentials without clear limits.
- Persistence & Privilege (ok): The skill does not request 'always: true' and uses default autonomous invocation settings. It does not ask to modify other skills or system-wide configs. However, autonomous invocation combined with publishing capability could increase impact if the agent acts without clear user confirmations; the skill does not specify such safeguards.
