Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Follow-up Engine (CRM Automation)

v1.0.0

Automated customer follow-up scheduling and execution engine for B2B sales. Generates personalized follow-up email drafts based on customer stage, last conta...

by Jaden's built a claw (@cjboy007)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (CRM follow-up automation) aligns with the included scripts and config (scheduler, OKKI integration, follow-up rules). However metadata claims 'no required env vars' and 'no required binaries', while SKILL.md and the code expect an OKKI CLI path and Discord credentials—this is a mismatch that should have been declared in the registry metadata.
Instruction Scope
Runtime instructions and the scripts read and write local filesystem paths (drafts/, logs/), create cron entries (SKILL.md shows example cron lines), call an external OKKI CLI (python3 okki.py), and post notifications to Discord. The SKILL.md explicitly references environment variables (OKKI_CLI_PATH, DISCORD_BOT_TOKEN, DISCORD_CHANNEL_ID) that are not declared in the skill metadata. The scheduler includes a simulated OKKI scan for examples, but okki-integration.js actually executes the external CLI—so the skill will invoke external networked systems when run.
Install Mechanism
There is no install spec (instruction-only), which is lower platform install risk, but the package includes multiple code files (JS scripts, configs, tests). Because code is bundled, installing the skill adds executable scripts to the workspace; the absence of an explicit install step means the user must trust the bundled code. No third‑party downloads are performed by the skill itself.
Credentials
The SKILL.md and the code expect several environment/config values (OKKI_CLI_PATH, optional OKKI_SYNC_RECORD_FILE, DISCORD_BOT_TOKEN, DISCORD_CHANNEL_ID) even though the registry lists no required env vars or primary credential. Requesting a Discord bot token and a path to an external CLI are plausible for the stated purpose, but they must be explicitly declared and minimized. The skill also reads/writes files under tmp and workspace areas and writes a sync record to the OS temp dir—these are typical but should be documented and consented to.
Persistence & Privilege
The skill does not set always: true and does not request special platform privileges. It writes files into its own workspace (drafts/, logs/) and a sync record under the OS temp directory, which is acceptable for its function. There is no code in the bundle that modifies other skills' configs or system-wide agent settings.
What to consider before installing
Key things to consider before installing or running this skill:
- Metadata mismatch: The skill package metadata claims no required env vars, but SKILL.md and the scripts require OKKI_CLI_PATH, DISCORD_BOT_TOKEN, and DISCORD_CHANNEL_ID. Treat that as an attention point; ask the maintainer to update the manifest or update the metadata before trusting it.
- Review the bundled code first: The skill includes executable scripts (follow-up-scheduler.js and okki-integration.js) that will read/write drafts/ and logs/, and invoke an external OKKI CLI using python3. Inspect the okki.py (or the CLI referenced by OKKI_CLI_PATH) before running to ensure it is trusted and does only the expected CRM API calls.
- Least privilege for credentials: If you provide a DISCORD_BOT_TOKEN or any OKKI credentials, create scoped/limited tokens (least privilege) and consider using a bot account with only the channel permission required. Avoid using highly privileged service tokens unless necessary.
- Run in dry-run / isolated environment first: Use the --dry-run options and run on a test workspace to verify behavior. Monitor network calls and filesystem changes. Consider running in a sandboxed environment or container, especially if OKKI_CLI_PATH points to an unreviewed script.
- Sanitize logs and storage: The code logs and stores drafts locally and in tmp; verify that logs are properly redacted for PII and ensure file permissions are appropriate for your security requirements.
- Ask the maintainer for clarity: Request an updated registry manifest that lists required environment variables and precise privileges, and request proof of or a link to the OKKI CLI implementation (source or official release). If the skill cannot provide these, treat it as higher risk.
If you want, I can (a) produce a checklist of tests to run in a sandbox, or (b) highlight specific lines in the two scripts that you should verify with the OKKI CLI and Discord settings.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- scripts/okki-integration.js:70: Shell command execution detected (child_process).
