Phishing Reporter
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or poorly checked URL could be submitted as phishing to a safety service.
The skill directs browser automation to submit an external abuse-reporting form. This is the skill's stated purpose, but it is still an external action with real-world effect.
**Google Safe Browsing (fully automated)** ... 7. Click Submit
Confirm the exact URL and threat category with the user before submitting reports.
If the user provides the wrong URL, the report may be sent to multiple abuse desks or authorities.
The same report can be propagated to several organizations. This is disclosed and purpose-aligned, but a single mistaken input could spread across multiple reporting channels.
Report to **all applicable services** in order: ... Google Safe Browsing ... NCSC Switzerland ... Domain registrar
Before reporting to all services, verify the URL and consider whether each service is applicable.
Personal contact details or descriptive information may leave the local session and be sent to the reporting service.
The NCSC workflow may send the reported URL, description, and contact information to an external reporting service.
Continue through remaining steps (URL input, description, contact info)
Only include contact information and details the user explicitly agrees to share.