Skill v1.0.0

ClawScan security

Sales Rhythm Tracker — Alibaba Iron Army B2B Pipeline · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 24, 2026, 7:29 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
This skill is internally consistent: it implements a local, file-based B2B sales pipeline (markdown files + helper shell scripts) and does not request credentials, remote downloads, or network endpoints.
Guidance
This skill appears to do what it says: local, markdown-based pipeline management using a set of bash scripts. It does not contact external servers or ask for credentials. Before installing, consider these practical points:
- Data exposure: Pipeline entries and activity logs are stored as plain text under ~/.openclaw/workspace/sales. If you will store real leads (PII, company data, deal values), ensure that the host/user account and backups are secure (encrypted disk, proper file permissions).
- Agent output: The scripts and SKILL.md instruct the agent to read and print pipeline contents. If your agent forwards messages or integrates with networked services (chat apps, email, calendar), pipeline data could be transmitted externally. Only allow this skill if you trust the agent's messaging endpoints.
- Local execution: The scripts perform simple file writes and use standard utilities (mkdir, cat, echo, date, tail). They do not execute user-supplied strings as shell commands, but they do write user-supplied text into markdown without sanitization. Avoid pasting untrusted content that could confuse downstream tooling.
- Pairing with other skills: The README suggests integrations (calendar, voice-to-text). Those companion skills may introduce network access; review them separately if you plan to enable integrations.

If you need stronger protections, consider running the workspace on an encrypted home directory, restricting file permissions (chmod 700), or adapting the scripts to encrypt/decrypt the markdown files.

Review Dimensions

Purpose & Capability
ok: The files and scripts match the described purpose (local pipeline management, morning brief, activity logging, pipeline health, weekly sprint). No unrelated binaries, cloud credentials, or surprising capabilities are requested.
Instruction Scope
note: Runtime instructions limit operations to reading and writing markdown files under ~/.openclaw/workspace/sales and generating text outputs. This matches the stated purpose, but the skill stores potentially sensitive customer data in plain markdown and the agent is instructed to print/parse those files — so be aware that outputs could be displayed or forwarded by the agent.
Install Mechanism
ok: No install spec or remote downloads. The README suggests copying files into ~/.openclaw/skills and making scripts executable, which is a reasonable, low-risk local installation approach.
Credentials
ok: No environment variables, no primary credential, and no external config paths are required. The requested access (user home directory files) is proportionate to a local CRM-style skill.
Persistence & Privilege
ok: always:false (default). The skill does not request persistent system-wide privileges or modify other skills. It only creates and manages files in its own workspace directory.