intercom-conversations
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: intercom-conversations Version: 1.0.1 The skill is designed to read Intercom conversations and all files (code, documentation, and metadata) align with this stated purpose. The `SKILL.md` contains no prompt injection attempts. The `index.js` code properly retrieves the `INTERCOM_ACCESS_TOKEN` from environment variables, uses a legitimate `intercom-client` library, and implements input validation for parameters like `per_page`. No evidence of arbitrary command execution, unauthorized file access, data exfiltration, or other malicious behaviors was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed with a broad Intercom token, the agent can retrieve conversations available to that token.
The skill authenticates to Intercom using an access token. This is expected for the stated Intercom-read purpose, but it gives the agent delegated access to the Intercom workspace allowed by that token.
tokenAuth: { token: mustEnv("INTERCOM_ACCESS_TOKEN") }Use the least-privileged Intercom token available, preferably limited to read-only conversation access, and only install where the agent is allowed to view support conversations.
Customer conversation data may be placed into the agent’s working context and could be reused in later reasoning or responses depending on the host environment.
The skill returns full Intercom conversation objects to the calling agent. This is purpose-aligned, but those objects may include customer messages or other sensitive support context.
return { ok: true, action: "conversations.find", conversation: convo };Avoid using this skill in contexts where customer conversation content should not be visible to the agent, and redact or limit queries when possible.
Installing later may resolve to a newer dependency version than the one originally reviewed.
The skill depends on the Intercom client package using a caret version range. This is a normal purpose-aligned dependency, but future compatible versions could be installed unless a lockfile or pin is used.
"dependencies": { "intercom-client": "^6.0.0" }Prefer a lockfile or fully pinned dependency version for reproducible installs.