Back to skill
Skillv1.0.0
ClawScan security
Pans Linkedin Outreach · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignApr 17, 2026, 4:40 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: it only generates LinkedIn outreach text locally from CLI arguments and templates, and it requests no credentials, installs, or network access.
- Guidance
- This skill appears safe from a system/credential perspective: it only produces message text locally and doesn't send messages or access LinkedIn APIs. Before using, consider: (1) do not paste sensitive personal or company secrets into the --profile or --purpose fields, since those strings are printed and could be logged; (2) the tool does not automate sending — if you add automation later you will need LinkedIn credentials and should protect them carefully; (3) ensure outreach follows applicable laws and LinkedIn's terms (avoid spam); and (4) review or run the included Python script in a local/isolated environment if you have any residual concerns.
Review Dimensions
- Purpose & Capability
- okName/description (LinkedIn outreach message generator) matches the included artifacts: SKILL.md documents a CLI usage and the repository includes a small Python script that formats templates into messages. There are no unrelated environment variables, binaries, or external service credentials requested.
- Instruction Scope
- okSKILL.md instructs the agent/user to run the provided Python script with --profile, --type, and --purpose. The script only reads command-line arguments, fills templates, enforces length limits, and prints output. It does not read other files, access environment variables, call network endpoints, or transmit data externally.
- Install Mechanism
- okNo install specification is present. The skill is a small local script (no package downloads or archive extraction), so there is no installer risk.
- Credentials
- okThe skill declares no required environment variables, no credentials, and no config paths. The code likewise does not access environment or secret material — proportional for a message-generator.
- Persistence & Privilege
- okalways is false (default). The skill does not request persistent installation or modify other skills or system settings; it only runs as a normal script when invoked.