ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Meeting Prep

v1.0.0

Prepares briefing docs so you walk into every meeting ready

0· 719·2 current·2 all-time
by@1kalin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (prepare meeting briefs) match the SKILL.md: web research for people and companies, produce talking points and a one‑page. Nothing in the files asks for unrelated capabilities, binaries, or external services beyond web search and optional user data.
Instruction Scope
Instructions are focused on web research and drafting briefs. They explicitly direct the agent to 'pull from any previous notes or CRM data' when applicable — this is relevant to the task but underspecified (no guidance on which CRMs, connectors, or user consent flows). The skill also advises searching LinkedIn and recent posts; the agent should avoid fabricating info and should flag unknowns as the skill directs.
Install Mechanism
No install spec and no code files — instruction-only skill. This is the lowest-risk install mechanism (nothing written to disk, no external downloads).
Credentials
The skill declares no required environment variables or credentials, which is reasonable. However, it expects access to prior notes or CRM data when available; that implies the agent/platform must provide connectors or credentials. Users should confirm what data sources (CRM, note apps) the agent will access and how consent/authentication is handled.
Persistence & Privilege
always:false (normal). The skill does not request persistent presence or elevated system privileges, nor does it modify other skills or system-wide settings.
Assessment
This skill appears internally consistent and low-risk as an instruction-only briefing helper. Before installing or using it: (1) confirm how the agent/platform will access your CRM or private notes (explicit connector, OAuth consent, or none); (2) avoid granting access to highly sensitive accounts unless you trust the connector and the skill's use; (3) expect the agent to rely on web search/LinkedIn — verify any facts it returns (news headlines, posts) rather than assuming they're correct; (4) test it first with a non-sensitive meeting to see what sources it uses and how it summarizes; and (5) ask the skill author to document required connectors and data handling if you need stronger assurances.

Like a lobster shell, security has layers — review code before you run it.

latestvk974gc12gy7dray663rfnz5xr1812p46meetingsvk974gc12gy7dray663rfnz5xr1812p46productivityvk974gc12gy7dray663rfnz5xr1812p46researchvk974gc12gy7dray663rfnz5xr1812p46

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments