Skill v0.1.0
ClawScan security
Crm Snail Mail Postgrid · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious (Mar 5, 2026, 2:29 PM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement what it claims (pull CRM contacts and send mail via PostGrid), but there are configuration/metadata inconsistencies and broad API capabilities that merit caution before installing or running with production credentials.
- Guidance: This skill's code matches its description, but take these precautions before installing or running it:
  1. The SKILL.md and scripts expect API keys for GoHighLevel, Follow Up Boss, and PostGrid — the registry metadata omitted those; don't assume no credentials are needed.
  2. The scripts will transmit contact PII (names, addresses, phone, email) to PostGrid — only provide a PostGrid API key you trust, and prefer a dedicated/test account with minimal permissions and spending limits.
  3. The postgrid_api exposes a raw caller and many endpoints (bank accounts, webhooks, campaigns) — avoid using a high-privilege PostGrid key; prefer keys scoped to print-mail only.
  4. Start with the provided --dry-run and a small --max-send to validate payloads.
  5. If you need assurance, review the included Python files yourself or run them in a controlled environment with test credentials.
  The metadata omission lowers confidence in packaging hygiene; if possible, ask the publisher to correct the registry env declarations.
Review Dimensions
- Purpose & Capability (note): Name, description, SKILL.md, and included scripts are coherent: the Python tools fetch contacts from GHL or FUB, normalize addresses, render templates, and submit jobs to PostGrid. However, registry metadata declares no required environment variables while SKILL.md and the code clearly expect GHL/FUB/POSTGRID API keys (metadata omission).
- Instruction Scope (note): Runtime instructions stay within the advertised workflow (fetch/normalize/filter/render/send). They explicitly allow loading external JSON contact files and include a 'call-raw' capability to invoke arbitrary PostGrid endpoints. That fallback is powerful and will transmit contact PII to external PostGrid endpoints (intended) — so it's within purpose but expands what the agent can do beyond only sending letters/postcards.
- Install Mechanism (ok): No install spec (instruction-only with bundled Python scripts). Nothing is downloaded from third-party URLs and no new binaries are installed by the skill itself.
- Credentials (concern): The code and SKILL.md require GHL_API_KEY, FUB_API_KEY, POSTGRID_API_KEY and optional base URLs, which are appropriate for the task. The registry metadata, however, lists no required env vars/credentials — an inconsistent/omitted declaration that could mislead users into running the skill without realizing it needs sensitive API keys. Also, the included PostGrid helper can call many endpoints (bank account, webhooks, campaigns, etc.), so you should use minimally scoped PostGrid credentials.
- Persistence & Privilege (ok): The skill is not forced-always and does not request persistent system privileges. It does not modify other skills' configs or ask for system-wide credentials.
