Skill v1.0.0
ClawScan security
Tmp Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 28, 2026, 7:46 PM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill claims CRM integration and outreach automation but the bundled scripts only create and manage local markdown files in your home directory — the promised external integrations and automation are not implemented, and there are minor metadata inconsistencies.
- Guidance: This package is misaligned with its marketing: it mostly provides a local markdown-based lead tracker and report templates, not real CRM connectors or outbound automation. Before installing or running anything:
  1) Inspect the three scripts yourself (they are plain bash and safe-looking) and confirm you are comfortable with them writing to ~/.openclaw/workspace/sales.
  2) Do not place API keys, passwords, or other secrets into TOOLS.md or plain templates — the skill has no secret-management behavior.
  3) If you expected HubSpot/Salesforce/Notion integration or automated emailing, ask the publisher for details or an implementation that shows safe network calls and required credentials.
  4) Note the metadata mismatch (skill registry name/owner vs _meta.json) — treat that as a sign to verify the source/author before trusting the package.
Review Dimensions
- Purpose & Capability (concern): The SKILL.md advertises CRM integration, outreach automation, and pipeline management. The included scripts (sales-init.sh, lead-tracker.sh, pipeline-report.sh) only create and manipulate local markdown files under ${HOME}/.openclaw/workspace/sales and generate reports/templates — there are no API calls, no email sending, and no code to integrate with HubSpot, Salesforce, Notion, or any CRM. This is a substantive mismatch between claimed capabilities and actual functionality. Additionally, registry metadata (skill slug/owner) differs from _meta.json values, suggesting the package may have been repackaged or mislabeled.
- Instruction Scope (concern): Runtime instructions tell the agent (or user) to run the included shell scripts and to edit a TOOLS.md to configure CRM preferences. The scripts only read/write files under ~/.openclaw/workspace/sales (create directories, templates, and markdown leads), which is within scope for a local lead tracker. However, the instructions give the impression of external CRM integration and automated outreach; there are no instructions or code for network calls, credentials handling, or external endpoints. The instruction set therefore overpromises and is misleading.
- Install Mechanism (ok): No install specification; this is effectively an instruction + script bundle. No downloads, no package installs, and nothing will be written outside the user's home directory except files created under ~/.openclaw/workspace/sales. From an install-risk perspective this is low, but users should still review scripts before running.
- Credentials (ok): The skill declares no required environment variables or credentials, which matches the included scripts (they do not read external API keys). Note that the SKILL.md suggests configuring CRM tooling (e.g., HubSpot/Salesforce) — if you later add credentials to TOOLS.md or other local files, those would be sensitive and the skill provides no secure handling for them.
- Persistence & Privilege (ok): always is false and the skill is user-invocable. The scripts create files under ~/.openclaw/workspace/sales and do not modify other skills or system-wide settings. This level of persistence and privilege is appropriate for a local tracker.
