ClawHub

SEO Intel

Security checks across malware telemetry and agentic risk

Overview

SEO Intel is a coherent SEO analysis skill, but it also guides agents toward editing and deploying live websites, which needs explicit human review before use.

Install only if you are comfortable with a broad SEO workflow that may crawl sites, store results locally, use cloud models for analysis, and guide live website changes. Before using deploy-related sections, require a reviewed diff, confirm the exact site and Cloudflare project, avoid private or regulated content unless cloud processing is acceptable, and do not allow Wrangler deployment to run automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The guide materially extends an SEO analysis skill into an analyze-modify-deploy workflow, including editing site files and deploying changes with Wrangler. That scope expansion is dangerous because a caller invoking an SEO tool could be steered into making production changes far beyond read-only analysis, increasing the chance of unauthorized modification, supply-chain abuse, or destructive mistakes.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The documentation explicitly instructs shell execution via child_process and production deployment through `wrangler deploy`, which is not necessary for core SEO intelligence gathering. Embedding execution guidance inside the skill increases the risk that an agent with shell access will perform sensitive system or production actions under the guise of SEO work.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documented workflow proceeds directly from analysis and automated fixes to `wrangler deploy` without an explicit user confirmation gate. In an agentic environment, this can cause immediate global production changes from inferred intent rather than verified authorization, which is especially risky for public websites.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill advertises extremely broad activation criteria such as SEO analysis, competitor research, crawling, content strategy, and implementation planning. In an agent ecosystem, this increases the chance of unintended invocation on loosely related requests, which can trigger network crawling, cloud analysis, or downstream action generation without the user explicitly asking for this specific tool.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The pipeline explicitly sends extracted site data to OpenClaw cloud models for analysis, but the skill does not present a prominent warning or consent gate about external data transmission. Users may reasonably assume a local SEO tool keeps processing local, when in fact content, competitor data, and derived intelligence may be uploaded to third-party services.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The deploy workflow instructs agents to run live production deployment with Wrangler and states there is no staging or undo, yet the section still provides direct fix-and-deploy steps that can be followed mechanically. In an agent setting, this creates a meaningful risk of unsafe autonomous production changes based on generated analysis, especially when edits may affect public content immediately.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal