Foxreach Cold Outreach
Warn
Audited by ClawScan on May 10, 2026.
Overview
This FoxReach skill is purpose-aligned but deserves review because it can start or modify cold-email campaigns and relies on unreviewed SDK/CLI code not included in the artifact.
Install only if you intend the agent to manage FoxReach outreach. Before giving it an API key, verify the SDK/CLI source, use a least-privilege key if available, and require manual confirmation before campaign starts, deletions, or bulk lead/account changes.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could start or materially change outreach that sends emails to leads, affecting recipients, sender reputation, and business records.
These documented operations can activate outbound cold-email sending, bulk-modify campaign membership, and delete account resources, but the skill does not require explicit user confirmation or preview for these high-impact actions.
`Start | client.campaigns.start(campaign_id) | Transitions to active`; `Add Leads | client.campaigns.add_leads(campaign_id, [lead_ids])`; `Delete | client.email_accounts.delete(account_id)`
Require explicit confirmation before starting campaigns, deleting resources, or bulk-adding leads/accounts; show campaign content, sender accounts, recipient counts, and expected sending limits before execution.
If the referenced SDK/CLI is missing, replaced, or different from what the user expects, the agent may run unreviewed code with access to the FoxReach API key.
The skill instructs installing and using local SDK/CLI code, but the supplied manifest contains only markdown files, so the code that would handle the FoxReach API key and account operations is absent from review.
`The Python SDK is at integrations/sdk-python/ and the CLI is at integrations/cli/` ... `cd integrations/sdk-python && pip install -e .`
Package or pin the SDK/CLI source, include checksums or trusted installation instructions, and let users inspect the code before providing an API key.
Providing the key lets the agent read and change FoxReach account data according to the API permissions behind that key.
The API key requirement is expected for a FoxReach management skill, but it grants delegated access to the user's FoxReach account and is not declared in the registry credential metadata.
`Always get the API key from the user or environment before making calls. Never hardcode keys. Use environment variable injection: FOXREACH_API_KEY=otr_... python script.py`
Use the least-privileged FoxReach API key available, rotate it if exposed, and confirm the intended account/workspace before running mutations.
Local Python execution can access the runtime environment and any API key passed into it.
The skill relies on local Python command execution, which is central to its documented API-management workflow, but users should still recognize that this runs code locally.
`allowed-tools: Bash(python *), Bash(cd *), Bash(FOXREACH_API_KEY=* python *)` and `Write inline Python scripts using the SDK.`
Run only reviewed FoxReach scripts, avoid embedding real keys in saved files, and prefer environment variables or a secret manager for credentials.
