Skillv1.0.0

ClawScan security

Cold Outreach Sequence · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 17, 2026, 8:11 PM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only template and research guide for writing LinkedIn/email outreach and its requirements and behavior are consistent with that purpose.
Guidance: This skill is coherent and instruction-only, so it doesn't request secrets or install code. Before using: (1) don't supply private credentials or contact lists to the agent; (2) ensure any outreach follows platform rules and privacy/regulatory obligations (CAN-SPAM, GDPR, LinkedIn policies); (3) review and edit generated messages to remove any inaccurate specifics or sensitive data; and (4) verify external links (the author attribution/booking link) before clicking.

Purpose & Capability: okName/description match the SKILL.md: guidance on research, connection requests, follow-ups, and email templates. There are no unrelated required binaries, environment variables, or config paths.
Instruction Scope: okSKILL.md instructs human-style prospect research (LinkedIn activity, company news, websites, podcasts) and provides message formulas and schedules. It does not instruct reading local files, exfiltrating secrets, or contacting unexpected external endpoints beyond normal web research. It does assume the ability to look up public web resources (normal for this purpose).
Install Mechanism: okNo install spec and no code files — instruction-only skill, which is the lowest-risk install model.
Credentials: okThe skill requests no environment variables, credentials, or config paths. Its guidance for researching public information is proportional to the declared purpose.
Persistence & Privilege: okalways:false and no special persistence or system-wide configuration changes requested. Autonomous invocation is allowed (platform default) but the skill itself does not demand elevated privileges.