← 返回 Skills 市场
eyensama

SEO Audit Bot

作者 EyenSama · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
103
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install seo-audit-bot
功能描述
Perform a comprehensive SEO audit of any website. Analyzes technical SEO, on-page factors, content quality, performance, and generates an actionable report w...
安全使用建议
This skill appears to do what it says: fetch a URL and analyze HTML for SEO signals. Before installing or running it, note: (1) the README/script expect HTTP fetch capabilities (web_fetch or curl) and typical Unix text tools (curl, grep, sed, wc) even though the registry metadata doesn't list them — ensure your runtime provides them; (2) the skill will fetch any user-supplied URL, so in environments that can reach internal network services this can be used to access intranet endpoints (SSRF risk) — restrict allowed domains or run in an isolated environment if that matters; (3) review the included scripts (scripts/audit.sh) before execution — they write temporary files to /tmp and use standard command-line parsing (no obfuscation), which appears benign. If you need stronger guarantees, run the skill in a sandboxed agent or review/modify the script to enforce allowed hostnames.
功能分析
Type: OpenClaw Skill Name: seo-audit-bot Version: 1.0.0 The skill provides SEO auditing functionality but includes a shell script (scripts/audit.sh) that is vulnerable to argument injection. The script passes the user-provided URL directly to curl without sanitization, which could allow an attacker to inject additional flags (e.g., -o) to overwrite local files or perform unauthorized network requests. While the skill's instructions in SKILL.md and documentation in README.md align with its stated purpose, the inclusion of a script with a high-risk RCE/file-overwrite vulnerability warrants a suspicious classification.
能力评估
Purpose & Capability
The skill's name, description, SKILL.md, README, and scripts all align with an SEO auditing purpose. However, the package metadata claims no required binaries while README and scripts clearly rely on web_fetch/exec and on-system tools (curl, grep, sed, wc). This is a minor incoherence: the tool genuinely needs HTTP-fetching and basic Unix text utilities, but they are not declared in the registry metadata.
Instruction Scope
SKILL.md instructs fetching the target URL, robots.txt, sitemap and analyzing HTML — all appropriate for SEO. The included script performs these fetches and writes temporary files to /tmp. A security-relevant behavior: the skill will fetch arbitrary URLs supplied by the user (including intranet/private IPs), which is expected for this purpose but introduces SSRF-like risks if run in an environment with access to internal services. The instructions do not attempt to read unrelated local files or exfiltrate data to external endpoints.
Install Mechanism
There is no install spec (instruction-only with an included helper script). Nothing downloads or extracts remote archives; the code consists of plain files and a shell script. No high-risk install mechanisms are present.
Credentials
The skill declares no environment variables or credentials and does not request broad secrets. The runtime behavior uses network fetches only, which is proportionate to the stated purpose. The only resource access is writing temporary files under /tmp for analysis (normal for a shell helper).
Persistence & Privilege
The skill is not marked always:true and does not request permanent agent-wide privileges. It does not modify other skills or system-wide configurations. Autonomous invocation is allowed by default but not combined with other concerning factors.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install seo-audit-bot
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /seo-audit-bot 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
Slug seo-audit-bot
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

SEO Audit Bot 是什么?

Perform a comprehensive SEO audit of any website. Analyzes technical SEO, on-page factors, content quality, performance, and generates an actionable report w... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 103 次。

如何安装 SEO Audit Bot?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install seo-audit-bot」即可一键安装,无需额外配置。

SEO Audit Bot 是免费的吗?

是的,SEO Audit Bot 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

SEO Audit Bot 支持哪些平台?

SEO Audit Bot 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 SEO Audit Bot?

由 EyenSama(@eyensama)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论