AI PM Intel Brief
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill is coherent and low risk; it summarizes recent social-media posts into an AI product brief, with disclosed use of external data collection methods but no code, credentials, persistence, or account-changing behavior.
This appears safe to install as a prompt-style skill. Before using it, remember that it may browse or query social-media sources to build the brief; keep the source list scoped and avoid providing unnecessary account credentials or private content.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may contact external social-media services or use available browsing/scraping workflows to collect posts for the brief.
The skill explicitly authorizes the agent to gather posts through APIs, endpoints, and possibly CLI or browser scraping. This is central to the stated purpose, but it is still a tool-use behavior users should notice.
Prioritize sources in this order: 1. Stable API access 2. First-party or structured endpoints 3. CLI/browser scraping only when needed
Use authorized sources, keep the requested account list and time window scoped, and ask the agent to confirm before using authenticated or scraping-based collection if that matters to you.
There is less publisher/provenance context than ideal, though the reviewed artifacts themselves do not show hidden code or unsafe behavior.
The registry metadata does not provide a source repository or homepage. The impact is limited because this is an instruction-only skill with no install script or code files.
Source: unknown Homepage: none
Review the included instructions and reference files before installing, and prefer skills with clear source provenance when available.