openclaw-crm
Review
Audited by ClawScan on May 1, 2026.
Overview
openclaw-crm appears to be a coherent local SQLite CRM. The main things to notice are that the agent can change local CRM data, and that selected CRM details are written to local interchange files shared with other agents.
This skill looks suitable for use as a local CRM, but install it only if you are comfortable with an agent managing local CRM records and writing selected CRM data into local interchange files that other agents can read. Confirm mutating operations before running them, and verify the local interchange dependency that the refresh command imports.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using the skill can update or restore the local CRM database, potentially changing pipeline state or replacing records.
The documented CLI includes commands that can change deal stages, complete follow-ups, and restore the CRM database. These are expected CRM functions, but they can alter local business data if run without clear user intent.
crm deal stage <id> <new-stage>
crm followup complete <id>
crm restore <backup-file>
Use explicit user confirmation for mutating commands such as stage changes, follow-up completion, and backup/restore operations.
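A confirmation gate of the kind this finding recommends, as an added example in JavaScript that is not part of openclaw-crm: it classifies a `crm` argument vector against the mutating command shapes listed above and refuses to dispatch one without an explicit per-invocation confirmation. The argument layout, the injected `run` callback and the inclusion of a `backup` prefix are assumptions for the example.

```javascript
// Added example (not openclaw-crm code): gate mutating CRM commands behind
// an explicit confirmation before they are dispatched to the CLI.

// Prefixes of argv that change local CRM data. Taken from the commands the
// review lists; 'backup' is assumed to exist alongside 'restore'.
const MUTATING_PREFIXES = [
  ['deal', 'stage'],
  ['followup', 'complete'],
  ['restore'],
  ['backup'],
];

function hasPrefix(argv, prefix) {
  return argv.length >= prefix.length && prefix.every((tok, i) => tok === argv[i]);
}

// Returns the matched prefix as a string, or null for a read-only command.
function classifyMutation(argv) {
  const hit = MUTATING_PREFIXES.find((p) => hasPrefix(argv, p));
  return hit ? hit.join(' ') : null;
}

// `confirmed` is the user's explicit yes for this exact invocation, obtained
// by the agent from the user rather than inferred from context (assumption).
function authorize(argv, confirmed) {
  const kind = classifyMutation(argv);
  if (kind === null) return { allowed: true, reason: 'read-only command' };
  if (confirmed === true) return { allowed: true, reason: `confirmed mutating command: ${kind}` };
  return { allowed: false, reason: `mutating command requires confirmation: ${kind}` };
}

// Dispatch wrapper. `run` is whatever actually invokes the crm CLI (for
// example a child_process.spawnSync wrapper); injected so the gate is testable.
function runCrm(argv, confirmed, run) {
  const decision = authorize(argv, confirmed);
  if (!decision.allowed) return { ran: false, ...decision };
  return { ran: true, ...decision, result: run(argv) };
}

// Usage: refused without confirmation, dispatched with it.
console.log(runCrm(['deal', 'stage', '42', 'won'], false, (a) => a.join(' ')));
console.log(runCrm(['deal', 'stage', '42', 'won'], true, (a) => a.join(' ')));
```

The prefix list is deliberately an allow-list of known mutating shapes; if the CLI grows new mutating subcommands, they must be added here or they will be treated as read-only.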
The refresh command depends on local code outside the reviewed skill package, so behavior may depend on what exists at that sibling path.
The refresh feature imports a sibling local interchange module that is not included in this skill's file manifest or package.json dependencies. This appears purpose-aligned, but it is an undeclared local dependency users should verify.
import { writeMd } from '../../interchange/src/index.js';
Verify the local interchange package/source before using refresh, or declare the interchange dependency through the package manifest.
If CRM notes or activities contain untrusted text, downstream agents could over-trust that text unless they treat it as data rather than instructions.
User-entered CRM activity content is written into persistent Markdown interchange files that other agents may later read as context.
content += `- ${a.timestamp} **${a.type}**: ${a.content}\n`;
await writeMd(path.join(dealsDir, `${slug}.md`), meta, content);
Treat generated CRM Markdown as untrusted business data, avoid storing instructions or secrets in CRM notes, and have consuming agents ignore commands embedded in CRM records.
Customer/contact details, deal status, follow-up notes, and related CRM data may become visible to other local agents or tools that read the interchange directory.
The skill explicitly publishes CRM summaries, including contact information, into files intended for other agents to read. This is disclosed and purpose-aligned, but it broadens local visibility of CRM data.
Running `crm refresh` generates `.md` files summarizing pipeline state, due follow-ups, and contact information. Other agents can read these files via `@openclaw/interchange`.
Only run refresh when cross-agent sharing is intended, restrict access to the interchange files, and avoid putting sensitive secrets in CRM records.
