Attio CRM CLI
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: attio-cli
Version: 1.0.0
The skill is classified as suspicious primarily due to the supply chain risk introduced by its installation instructions in `SKILL.md`. It directs the agent to `git clone` and `npm install` from an external GitHub repository (`https://github.com/FroeMic/attio-cli`). `npm install` can execute arbitrary code via package scripts, posing a risk if the upstream repository is compromised or malicious. While the `scripts/generate-schema.sh` file and other instructions appear to align with the stated purpose of interacting with Attio CRM, the reliance on an external, potentially untrusted source for installation elevates the risk beyond benign.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the external CLI may run third-party code that will later have access to the Attio API key.
The user is instructed to install and link an external npm-based CLI whose source and dependency tree are not part of the reviewed skill artifacts.
```bash
git clone https://github.com/FroeMic/attio-cli
cd attio-cli
npm install
npm link
```
Inspect the GitHub repository before installing, pin to a trusted commit if possible, and use a least-privilege Attio API key.
Any process or agent that can read the environment variable may use the Attio permissions associated with that key.
The skill requires a bearer API key for the user's Attio workspace; this is expected for the integration but grants account/workspace authority to the CLI and agent environment.
Set `ATTIO_API_KEY` environment variable ... Add to `~/.claude/.env`
Use a scoped or least-privilege Attio key, avoid storing it in shared environments, and rotate/revoke it if no longer needed.
A mistaken or overly broad command could create unwanted CRM records or pipeline/list entries.
The documentation includes direct write-capable API examples for creating CRM records and adding list entries; these actions are purpose-aligned but can mutate business data.
Create a record:
```bash
curl -X POST https://api.attio.com/v2/objects/<object-slug>/records
```
Require explicit user confirmation before write operations, verify object/list slugs and payloads, and prefer read-only keys for schema/listing tasks.
The generated file may reveal internal CRM structure or business pipeline metadata to local users or future agent context.
The skill can persist a generated workspace schema file containing objects, attributes, lists, and field options for later context use.
```bash
bash {baseDir}/scripts/generate-schema.sh > {baseDir}/workspace.schema.md
```
Generate the schema only when needed, review it for sensitive metadata, keep it private, and delete it when no longer useful.
