v0.1.0

Local Falcon

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:18 AM.

Analysis

No malicious behavior is evident; this is a coherent instruction-only SEO skill, but its optional Local Falcon MCP connection can use an API key, access account data, spend scan credits, and create recurring tracking.

Guidance: This skill is safe to treat as instruction-only SEO guidance unless you choose to connect the Local Falcon MCP. Before doing that, review the @local-falcon/mcp package, protect the API key, and explicitly approve any scan, campaign, or monitoring action that could use credits or change account settings.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
references/mcp-workflows.md
`runLocalFalconScan` | Execute new scan (uses credits) ... `createLocalFalconCampaign` | Create new scheduled campaign

The optional MCP tools can perform credit-consuming scans and create or modify Local Falcon account workflows. This is aligned with the SEO analysis purpose, but it is account-affecting behavior.

User impact: If the MCP is connected, an agent could run scans that use credits or change tracking/campaign settings.
Recommendation: Require explicit user confirmation before running scans, saving locations, creating campaigns, or changing Falcon Guard settings.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
npm install @local-falcon/mcp ... "command": "npx", "args": ["@local-falcon/mcp"]

The skill recommends installing and invoking a separate npm MCP package without a pinned version. This is purpose-aligned, but the external package is outside the instruction-only skill itself.

User impact: Connecting MCP may run code obtained from npm, and future package changes could affect behavior.
Recommendation: Install only from the expected Local Falcon package, consider pinning a reviewed version, and review the MCP package before providing an API key.

Rogue Agents
Severity: Low | Confidence: High | Status: Note
references/mcp-workflows.md
"would you like to set this up as a Campaign? That way it runs automatically on a schedule"

The MCP workflow can create scheduled campaigns that continue running after setup. This is disclosed and relevant to rank tracking, but it is persistent behavior.

User impact: Recurring scans or monitoring may continue to run and consume credits until paused or removed.
Recommendation: Set recurring campaigns only intentionally, review their schedule and credit use, and know how to pause or remove them.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
"env": { "LOCAL_FALCON_API_KEY": "your-api-key-here" }

The MCP setup requires placing a Local Falcon API key into the agent's MCP configuration. This credential use is expected for live Local Falcon data access.

User impact: The configured MCP server can act with the permissions of the Local Falcon API key.
Recommendation: Use a dedicated API key if available, store it securely, rotate it if exposed, and avoid connecting accounts the agent should not access.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
ORCHESTRATION MODE - You can pull real data and provide specific, data-driven analysis

When MCP is connected, Local Falcon account, location, scan, and report data can be brought into the agent context for analysis.

User impact: Business performance, location, review, and account data may appear in the agent conversation or related logs.
Recommendation: Connect only data you are comfortable processing in the agent environment, and avoid requesting analysis of sensitive accounts in shared chats.