Skill v1.0.0
ClawScan security
Sovereign Seo Audit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 23, 2026, 12:09 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's declared purpose (an SEO auditor) matches its instructions and requirements: it's an instruction-only auditor that asks the agent to inspect web pages, site files, and content and does not request unrelated credentials, installs, or system access.
- Guidance: This skill appears internally consistent for an SEO auditor: it only describes checks against public pages and provided files and does not request credentials or install code. Before using it, avoid handing over private analytics or Search Console credentials unless you explicitly want the agent to access them — the skill does not require those by default. Also be aware that the agent will fetch and analyze any URLs or codebases you provide (including non-public content if you paste it), so don't paste secrets or private configuration. If you need the auditor to access private services (GSC, analytics), grant those credentials only through secure channels and rotate them afterward.
Review Dimensions
- Purpose & Capability: ok. The name/description describe an SEO auditor and the SKILL.md contains a comprehensive checklist of SEO checks. There are no requested binaries, environment variables, or installs that are unrelated to performing web and code inspections, so the resource requests are proportionate to an auditing tool.
- Instruction Scope: note. Instructions ask the agent to analyze URLs, HTML/codebases, sitemaps, robots.txt, indexing via site: queries, and backlink/profile signals. This is appropriate for an SEO audit, but several checks (Google Search Console, analytics) would require explicit user-supplied credentials/APIs to access private data — the SKILL.md only prompts to look for their existence and does not instruct the agent to access private consoles by default.
- Install Mechanism: ok. There is no install spec and no code files to execute — the skill is instruction-only, which minimizes risk because nothing will be written to disk or fetched at install time.
- Credentials: ok. The skill requests no environment variables, credentials, or config paths. The checks described (crawlability, tags, schema, etc.) can be performed by fetching pages or analyzing provided files; nothing in the manifest asks for unrelated secrets.
- Persistence & Privilege: ok. The skill is not always-enabled, does not request elevated persistence, and contains no instructions to modify other skills or global agent configuration. Autonomous invocation is allowed by platform default but is not combined with other red flags here.
