Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Campaign Tracker

v1.0.0

Outreach email tracking and analysis: automatically archives sent records, matches customer replies, generates effectiveness reports, and optimizes email templates.

0 · 65 · 0 current · 0 all-time

by Jaden's built a claw (@cjboy007)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The name and description (campaign tracking, reply matching, reporting, template optimization) align with the shipped scripts. However, the SKILL.md and scripts expect integration with two other tasks/skills (task-001 imap-smtp-email and task-002 okki-email-sync) and with environment variables (EMAIL_SKILL_ROOT, OKKI_VECTOR_SEARCH, OBSIDIAN_VAULT, CAMPAIGN_TRACKER_PROCESSED_FILE) that are not declared in the registry metadata. Requiring access to another skill's filesystem and .env in order to read IMAP/SMTP data is not obviously proportional to what a user would expect from a drop-in "campaign tracker" unless that integration is made explicit.
Instruction Scope (flagged)
Runtime instructions and scripts read and write local archives, reports and logs (expected), but they also require() modules from EMAIL_SKILL_ROOT (e.g. an intent-recognition module), load process.env.EMAIL_SKILL_ROOT + '/.env', and reference an OKKI vector-search path. These instructions tell the agent to read other skill directories and a .env file that likely contains credentials. That breadth of file access goes beyond simple reporting and should be explicitly declared and reviewed.
Install Mechanism
There is no install spec (the skill is instruction-only), which lowers installer risk. The package does include several Node.js scripts that the user or agent will execute via node, but there is no automatic downloader or remote install step. The absence of an install step is low risk in itself; it simply means the supplied scripts run with whatever privileges the agent or user grants them.
Credentials (flagged)
Registry metadata lists no required env vars, but SKILL.md and the scripts depend on several environment variables and config paths: EMAIL_SKILL_ROOT (used to require other skill modules and to load a .env), OKKI_VECTOR_SEARCH, OBSIDIAN_VAULT, and CAMPAIGN_TRACKER_PROCESSED_FILE. Loading EMAIL_SKILL_ROOT + '/.env' can expose IMAP/SMTP credentials or API keys belonging to another skill; this is disproportionate unless the user intentionally points EMAIL_SKILL_ROOT at a sanitized location. The skill also writes files to /tmp and to local archive, log and report directories (expected) and may update config/tracking-schema.json (template-optimizer).
Persistence & Privilege
The skill is not always-enabled and does not request auto-install or modification of other skills' configurations. It writes its own archives, logs and reports and may update its own config (tracking-schema.json), which is normal. Note that the platform default allows autonomous invocation; combined with the undeclared cross-skill access above, that increases the potential blast radius, although 'always: true' is not set here.
What to consider before installing
This skill appears to implement campaign tracking and reporting, but it expects to read files and modules from other skills (e.g. EMAIL_SKILL_ROOT) and even loads a .env from that location, which may contain IMAP/SMTP credentials or other secrets. Before installing or running:
1) Inspect the scripts yourself (archive-sent-records.js, reply-matcher.js, analytics-report.js, template-optimizer.js); they will be executed by node.
2) Do not point EMAIL_SKILL_ROOT at a live production skill directory that contains credentials unless you have reviewed and sanitized its .env and scripts.
3) Run it first in dry-run mode and in an isolated test environment (or container) so it cannot read unrelated files.
4) Verify what OKKI_VECTOR_SEARCH should point to and whether it invokes remote services or scripts.
5) If you do use it, set the required environment variables explicitly to trusted, minimal locations and avoid sharing cross-skill secrets.
Explicit documentation from the author stating which env vars are required and that the skill does not load other skills' secrets would reduce the risk and could change this assessment to 'benign'.

Like a lobster shell, security has layers — review code before you run it.

latest: vk9795evcbpjcx137k9q2s13y1d83p9vb
