Lead Enrichment

Verdict: Warn. Audited by ClawScan on May 10, 2026.

Overview

This skill is review-worthy because its batch script can execute commands from a crafted lead file, and its shipped enrichment script returns mock dossiers despite promising real public-source research.

Treat this skill as needing review before use. Do not run batch enrichment on untrusted CSV files unless the shell invocation is fixed, and do not rely on the current enrichment output as factual because the shipped script uses mock data. If you still install it, review local caching settings and any optional provider API keys.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A malicious or untrusted lead CSV could run commands on the user’s machine with the user’s permissions.

Why it was flagged

Each raw CSV line is substituted into a bash -c command string. A crafted lead row containing shell syntax such as command substitution could be executed when the user runs batch enrichment.

Skill content
tail -n +2 "$INPUT_FILE" | xargs -I {} -P "$PARALLEL" bash -c 'process_lead "{}" "$OUTPUT_DIR" "$ENRICH_SCRIPT"'
Recommendation

Do not run batch mode on untrusted files until this is fixed. Pass CSV rows as positional arguments to bash, avoid interpolating them into command strings, and validate/sanitize input before creating filenames or invoking scripts.
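A hardened version of the batch driver, added here as an example and not taken from the skill: each CSV row reaches the worker as a positional argument, so shell syntax inside a row is data rather than code, and the worker validates the name field before it becomes a filename. The sample CSV, the worker script (a hypothetical stand-in for the skill's $ENRICH_SCRIPT and process_lead) and the output filenames are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not the skill's own code. The driver forwards each CSV row to
# the worker as a positional argument; nothing read from the file is ever
# interpolated into a command string. The worker is a hypothetical stand-in
# for the skill's $ENRICH_SCRIPT / process_lead.
set -eu

# Constructed sample standing in for $INPUT_FILE. The third row carries the
# kind of command substitution that the flagged pattern
#   xargs -I {} bash -c 'process_lead "{}" ...'
# would have evaluated inside the bash -c string.
write_sample_csv() {
  cat >"$1" <<'EOF'
name,company
Ada Lovelace,Analytical Engines
$(echo injected),Acme
Grace Hopper,Remington Rand
EOF
}

# Hypothetical worker: $1 is one raw CSV row, $2 the output directory.
write_worker() {
  cat >"$1" <<'EOF'
#!/bin/sh
row=$1
outdir=$2
name=${row%%,*}
company=${row#*,}
# Accept only a conservative character set before the name becomes a filename;
# this rejects rows carrying shell syntax or path separators in that field.
if ! printf '%s' "$name" | grep -Eq '^[A-Za-z0-9][A-Za-z0-9 ._-]{0,63}$'; then
  printf 'skipped row with unexpected characters in name field: %s\n' "$row" >&2
  exit 0
fi
printf '%s\n' "$company" >"$outdir/$(printf '%s' "$name" | tr ' ' '_').txt"
EOF
  chmod +x "$1"
}

# Hardened driver: rows are NUL-separated so xargs does no quote processing of
# its own, and each row lands in the worker's argv instead of a bash -c string.
enrich_batch() {
  input=$1
  outdir=$2
  parallel=$3
  worker=$4
  mkdir -p "$outdir"
  tail -n +2 "$input" | tr '\n' '\0' \
    | xargs -0 -P "$parallel" -I {} "$worker" {} "$outdir"
}

# Runs the whole flow in a scratch directory and prints the number of dossier
# files written: 2 when the injected row is rejected and the two valid rows
# are processed.
run_demo() {
  work=$(mktemp -d)
  write_sample_csv "$work/leads.csv"
  write_worker "$work/enrich.sh"
  enrich_batch "$work/leads.csv" "$work/out" 2 "$work/enrich.sh"
  ls "$work/out" | wc -l | tr -d ' '
  rm -rf "$work"
}
```

The worker splits each row on its first comma and does not handle quoted CSV fields; a real enrichment script would need a proper CSV parser, but the point that matters for this finding is unchanged: the row is only ever read from "$1", never evaluated.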

What this means

Users may trust fabricated lead dossiers or guessed contact information as real research, leading to bad outreach decisions or inaccurate CRM data.

Why it was flagged

The shipped script does not actually aggregate LinkedIn, Twitter, GitHub, company, or news data as promised in SKILL.md; it generates mock profile, contact, company, and talking-point data.

Skill content
# This is a placeholder for the full enrichment logic...
# For this demo, we'll just use the mock data function.
RESULT_JSON=$(mock_data "$NAME" "$COMPANY")
Recommendation

Clearly label the skill as a demo or implement real source fetching and verification before presenting outputs as enriched profiles.

What this means

Enriched profiles, contact guesses, and source URLs may remain on disk for up to the configured retention period.

Why it was flagged

The default configuration stores enriched personal lead profiles locally for later reuse. This is purpose-aligned, but it creates a local cache of personal/prospect data.

Skill content
"save_to_disk": true, "storage_path": "~/.config/lead-enrichment/data/leads" ... "store_locally": true, "data_retention_days": 30
Recommendation

Review the storage location and retention period, protect the directory, and disable local storage if you do not want cached lead dossiers.

What this means

The skill may detect whether sales-data provider credentials exist on the machine, even though no required credentials are declared.

Why it was flagged

Setup checks a local secrets file for optional premium data-source API-key names. The artifacts do not show key values being printed or transmitted, but this credential-adjacent behavior is not declared in the registry requirements.

Skill content
if [ -f "$HOME/.clawdbot/secrets.env" ]; then ... grep -q "HUNTER_API_KEY" ... grep -q "CLEARBIT_API_KEY" ... grep -q "APOLLO_API_KEY"
Recommendation

Keep premium API keys scoped to the intended providers and confirm any future code uses them only for the selected enrichment services.

What this means

Users may encounter undeclared setup requirements or install tools without a pinned/provided install path.

Why it was flagged

The setup script requires local tools, while the registry requirement section declares no required binaries and there is no install spec.

Skill content
for tool in jq curl; do
  if ! command -v "$tool" &> /dev/null; then
    echo "⚠ Prerequisite missing: '$tool'. Please install it to continue."
  fi
done
Recommendation

Declare jq and curl in metadata or installation instructions, and keep dependency requirements explicit.