功能描述

AI推荐防投毒检测器 / AI Recommendation Poison Detector. 你有没有遇到过：AI推荐了一款产品，买回来才发现是劣质品或根本不存在的品牌？这就是GEO投毒——不法商家花钱批量制造虚假软文，让AI误以为这些产品是市场上的优质选择。这个skill帮你识破这些陷阱。三种使用方式：(1)...

使用说明 (SKILL.md)

GEO Poison Detector — AI推荐投毒检测器

Name: Geo Poison Detector
Author: graysonzeng

这个工具是做什么的？

问题： AI推荐的产品不一定可信。不法商家通过「GEO优化」——批量生成含虚假参数的软文并大量铺发——让AI误以为这些虚构商品是市场上的优质选择。2026年央视315晚会曝光此类黑产，收费1.5–2万元/年，2小时内即可让虚假产品成为AI的「标准答案」。

这个skill做什么： 在你收到AI产品推荐时，自动扫描伪科技话术、软文模板特征、来源可信度，给出🟢安全 / 🟡可疑 / 🔴高危三档风险判断，并生成验证链接让你一键核查。

三种使用方式：

🤖 自动防护：AI推荐产品时，自动附带风险标记，无需任何操作
🔍 主动检测：发送 检测产品名 或 /check product name，立即查
🔗 链接分析：发送文章链接，自动抓取并分析是否为投毒软文

覆盖范围： 中文/英文产品，国内（京东/淘宝/企查查）和国际（Amazon/BBB/USPTO）双市场验证。

What this tool does (EN): Detects GEO (Generative Engine Optimization) poisoning — bad actors mass-generate fake product specs into AI training data, making fraudulent products appear as authoritative AI recommendations. Exposed by CCTV 315 (2026, China); similar tactics documented by Wired/MIT Tech Review globally. Auto-flags products when AI recommends them, supports user quick-checks by name, and analyzes article URLs for soft-ad patterns.

Mode 1: Auto-Trigger (AI Recommending Products)

Whenever you are about to recommend a specific product or brand, run detection first, then append a risk badge inline:

[Your normal recommendation answer]

---
🛡️ GEO投毒检测 / Poison Check: [🟢 SAFE / 🟡 SUSPICIOUS / 🔴 HIGH RISK]
触发指标 / Indicators: [list triggered signals, or "无" if clean]
验证链接 / Verify: [run verify_product.py and include top 2-3 links]

Do NOT skip this step when recommending products. This is the core value of the skill.

Mode 2: User Quick-Check (Product Name)

Triggered when user sends any of:

/check \x3Cproduct name>
检测 \x3C产品名>
查一下 \x3C产品名>
is this legit: \x3Cproduct>
这个可信吗: \x3C产品名>
Or any message asking to verify a specific product by name

Action: Run the full 5-step detection workflow on the product name. Output the full report format. Run scripts/verify_product.py "\x3Cproduct>" to generate verification links.

Example interaction:

User: /check 量子能量水杯黑洞级净化
Agent: 🔴 HIGH RISK — 检测到2个高权重伪科技词汇
触发指标：
• [Step 1] 「量子能量」— 高风险伪量子话术
• [Step 1] 「黑洞级」— 高风险伪黑科技话术
验证链接：[京东] [企查查] [国家专利局]
建议：该产品名称含多个典型GEO投毒特征词，极可能为虚假推荐，请勿购买。

Mode 3: URL Analysis (Article/Page)

Triggered when user sends a URL and asks to check it:

check this: https://...
帮我检测这篇文章: https://...
这个链接可信吗: https://...
Any URL from: WeChat (mp.weixin.qq.com), Zhihu, Baijiahao, Medium, blog sites

Action:

Use web_fetch to retrieve the article content
Run the full 5-step detection workflow on the fetched text
Also note the source domain as part of Step 4 source quality assessment
Output the full report format

Example interaction:

User: 帮我检测这篇文章 https://mp.weixin.qq.com/s/xxxxx
Agent: [fetches content]
🟡 SUSPICIOUS — 检测到软文批量生成特征
触发指标：
• [Step 2] 模板化结构："很多人不知道的是" + 产品推荐固定格式
• [Step 4] 来源：微信公众号自媒体，无权威背书
验证链接：[产品名搜索链接]
建议：内容结构符合GEO软文模板，建议通过官方渠道核实产品信息。

Handling fetch failures: If web_fetch fails or is blocked, ask user to paste the article text and switch to Mode 2 workflow.

Detection Workflow (5 Steps)

Apply to content from any mode.

Step 1 — Pseudo-tech buzzword scan (HIGH weight)

Load references/pseudo-tech-terms.md. Scan for high-risk terms in both CN and EN sections.

2+ high-risk terms → immediately 🔴
1 high-risk term → 🟡 suspicious

Step 2 — Batch-generated content fingerprint (HIGH weight)

Universal signals (CN+EN):

Fixed template structure (Problem → Solution → Product plug)
Keyword stuffing (product name repeated 5+ times)
Vague superlatives without verifiable data
No model numbers, no verifiable specs, no brand registration
Multiple sources with identical or near-identical wording

CN-specific:

"很多人不知道的是..." / "内部员工都在用"
自媒体/百家号/微信公众号 as sole sources
无厂商官网、无天猫/京东旗舰店

EN/Global-specific:

"Doctors don't want you to know..."
Affiliate disclosure buried or absent
Only "as seen on" claims, no retailer presence
Reviews only on brand's own site, not Amazon/Trustpilot

Step 3 — Product authenticity cross-verification (MEDIUM weight)

Run scripts/verify_product.py "\x3Cproduct name>" [--market cn|global|auto]

CN market: JD.com, Taobao, Qichacha, Tianyancha, CNIPA patents, GB standards Global market: Amazon, Google Shopping, BBB, Trustpilot, USPTO patents, EU RAPEX, Reddit

Step 4 — Source quality assessment (MEDIUM weight)

Source Type	CN Example	Global Example	Trust
Major retailer official	京东/天猫旗舰店	Amazon/BestBuy official	High
Gov/standards body	国家标准委/CNIPA	FDA/CE/ISO	High
Mainstream media	央视/人民日报	NYT/BBC/Reuters	High
Brand official site	品牌官网	brand.com	Medium
Self-media only	百家号/头条/微信	Medium blogs/affiliate	Low
Unknown/unverifiable	来源不明	Unknown	Very Low

Step 5 — Risk verdict

Result	Threshold
🟢 SAFE	0–1 low-weight indicators
🟡 SUSPICIOUS	2+ medium OR 1 high-weight indicator
🔴 HIGH RISK	2+ high-weight OR confirmed fake specs

Output Format

Quick badge (Mode 1 auto-trigger):

🛡️ GEO Check: 🟢 SAFE — no poisoning signals detected

Full report (Mode 2 quick-check or Mode 3 URL, or when user asks for details):

[🟢/🟡/🔴] \x3Cone-line verdict in user's language>

触发指标 / Indicators:
• [Step N] \x3Cindicator> — \x3Cexplanation>

验证链接 / Verify:
• \x3Cplatform>: \x3Curl>

建议 / Recommendation: \x3Cnext action>

Language

Match user's language (CN/EN/mixed)
Auto-detect market from product name (CJK → CN, Latin → Global)
For CN products in global context: check international presence too

References

Term library (CN+EN): references/pseudo-tech-terms.md — load during Step 1
Verification script: scripts/verify_product.py — run during Step 3
- Usage: python3 verify_product.py "\x3Cname>" [--market cn|global|auto]

安全使用建议

This skill appears internally consistent: it bundles a harmless Python helper that builds public verification URLs and a list of pseudo‑tech buzzwords; the runbook tells the agent to fetch pages (web_fetch) and run local checks. Before installing, consider: (1) If you enable the skill's automatic auto‑trigger mode, the agent may fetch user-provided URLs — ensure that outbound web_fetch behavior and privacy policies are acceptable in your environment. (2) The detection is heuristic and may yield false positives/negatives; treat results as investigative help, not definitive proof. (3) If you want to be extra cautious, keep the skill user‑invocable only (disable autonomous triggers) and review/execute scripts in an isolated environment — the bundled script itself does not perform network calls or exfiltrate data. Overall, no unexplained credential or install requests were found.

功能分析

Type: OpenClaw Skill Name: geo-poison-detector Version: 1.3.0 The geo-poison-detector skill is designed to identify fraudulent product recommendations by scanning for pseudo-scientific buzzwords and content patterns. The bundle contains a Python script (scripts/verify_product.py) that generates legitimate verification links for major retailers and patent offices, and a reference library (references/pseudo-tech-terms.md) used for content analysis. The instructions in SKILL.md are well-aligned with the stated purpose and do not contain any malicious directives or attempts to exfiltrate sensitive data.

能力评估

✓ Purpose & Capability

Name, description, and included artifacts (pseudo-tech term list + Python verifier) align with a product/soft-ad poisoning detector. No unrelated secrets, binaries, or platform SDKs are required.

ℹ Instruction Scope

SKILL.md directs the agent to scan text with the included term list, run the bundled scripts/verify_product.py, and (optionally) fetch web pages via web_fetch. All referenced files are present and used for the stated checks. Note: web_fetch will retrieve arbitrary pages supplied by users — this is expected for URL analysis but has privacy/CSF implications (see guidance).

✓ Install Mechanism

No install spec; instruction-only with one small Python script and a reference file. No external downloads, package installs, or extract steps are present.

✓ Credentials

The skill requires no environment variables, credentials, or privileged config paths. The Python script constructs public search URLs and prints checklists; it does not access secrets or perform network requests itself.

✓ Persistence & Privilege

always is false and there is no request for permanent/privileged presence or modification of other skills or system settings. Autonomous invocation is allowed (platform default) but not combined with other red flags.

版本历史

v1.3.0

改进中英文简介，用普通用户能看懂的语言说明功能和使用方式 / Rewrote CN+EN description in plain user-friendly language

v1.2.0

Add Mode 2 (user quick-check: /check or 检测) and Mode 3 (URL analysis via web_fetch); full CN+EN bilingual; auto market detection

v1.1.0

Auto-trigger on AI product recommendations; bilingual CN+EN detection; global market verification links (Amazon/BBB/USPTO/EU RAPEX)

v1.0.0

Initial release: GEO AI poison detection for product recommendations

元数据

Slug geo-poison-detector

版本 1.3.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 4

常见问题

Geo Poison Detector 是什么？

AI推荐防投毒检测器 / AI Recommendation Poison Detector. 你有没有遇到过：AI推荐了一款产品，买回来才发现是劣质品或根本不存在的品牌？这就是GEO投毒——不法商家花钱批量制造虚假软文，让AI误以为这些产品是市场上的优质选择。这个skill帮你识破这些陷阱。三种使用方式：(1)... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 157 次。

如何安装 Geo Poison Detector？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install geo-poison-detector」即可一键安装，无需额外配置。

Geo Poison Detector 是免费的吗？

是的，Geo Poison Detector 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Geo Poison Detector 支持哪些平台？

Geo Poison Detector 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Geo Poison Detector？

由 graysonzeng（@graysonzeng）开发并维护，当前版本 v1.3.0。

Geo Poison Detector