Clawcrm
Review
Audited by ClawScan on May 10, 2026.
Overview
This looks like a coherent CRM integration, but it gives an agent broad authority to enrich contacts, modify sales data, and send sales emails autonomously without clear approval or containment limits.
Install only if you are comfortable giving the agent CRM admin authority. Use a dedicated/scoped API key if possible, require explicit approval before bulk enrichment or sending any email sequence, test in a sandbox first, and confirm privacy, consent, opt-out, retention, deletion, and cancellation controls with ClawCRM.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could change CRM records or send sales outreach without a human reviewing the recipients, message content, timing, or business impact.
The skill encourages autonomous handling of the full sales workflow, while the documented API actions include creating leads, updating status, and sending emails. The artifacts do not describe approval gates or limits for these high-impact actions.
**Zero human clicks required.** You handle the entire sales workflow.
Use only with explicit user confirmation for lead creation, bulk actions, and every outbound email sequence. Prefer scoped tokens, test workspaces, send previews, rate limits, and a clear rollback/cancel process.
A single incorrect command could trigger multiple unwanted enrichments or follow-up emails, causing privacy, compliance, or reputational problems.
The skill supports delayed email sequences and bulk enrichment. A bad lead list, mistaken template, or incorrect targeting decision could propagate across multiple prospects over time, and the artifacts do not describe containment or cancellation controls.
"delayMinutes": 0 ... "delayMinutes": 5760 ... Bulk Enrichment ... "leadIds": ["rp_123", "rp_456", "rp_789"]
Require previews and human approval for batch jobs and scheduled emails, and verify the service provides job status, cancellation, audit logs, and recipient suppression/opt-out controls.
Anyone or any agent with this token may be able to administer CRM data and send messages through the service.
The CRM API key/admin token is clearly disclosed and purpose-aligned, but it appears to be the credential used for setup, lead management, enrichment, tracking, and email sending.
requires:\n env:\n - CLAWCRM_API_KEY ... -H "x-admin-token: YOUR_TOKEN"
Store the key securely, use a dedicated low-privilege key if available, rotate it regularly, and avoid granting it to agents that should not send emails or mutate CRM records.
Contact details, company research, engagement signals, and inferred connections may be stored by the CRM service and reused in later sales actions.
The skill is designed to collect and reuse enriched lead profiles and relationship context. This is purpose-aligned for CRM, but it is privacy-sensitive and could influence later outreach if the data is wrong or stale.
Auto-enrichment happens in background ... professional email, phone, LinkedIn, company data ... Google Deep Search ... Spider Web
Confirm data sources, retention, deletion, consent, opt-out, and correction workflows before using enrichment or engagement tracking at scale.
It may be harder to confirm that the reviewed artifact, registry listing, and external service documentation all correspond to the same release.
The registry metadata supplied for review lists version 1.0.8, while the bundled _meta.json lists version 1.0.1. This does not show malicious behavior, but it is a provenance/versioning inconsistency users should verify.
"version": "1.0.1"
Verify the homepage, repository, service endpoint, and published version before granting the CRM API key.
