salesclaw

Audited by ClawScan on May 15, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.

This skill looks benign based on the visible artifacts, but use it only if you are comfortable with a local database holding medical-sales, doctor, prescription-volume, sales-target, and compliance information. Back up or protect salesclaw.db, and require explicit user confirmation before running tools that update sentiment, visit records, compliance risks, notifications, reminders, or action approvals. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An unintended tool call could change local compliance/customer status records that later reports and recommendations rely on.

Why it was flagged

This tool can directly change a local entity's compliance risk status. That matches the compliance-management purpose, but it is a durable business-data mutation and this function does not show a separate approval gate.

Skill content
cur.execute("UPDATE ontology_objects SET status = ?, compliance_risk_level = ? WHERE id = ?", (new_status, severity, entity_id))
Recommendation

Use state-changing tools only after explicit user instruction, and consider adding approval, audit, or undo controls for all database-writing tools.

What this means

Sensitive business or healthcare-sales information may appear in responses and influence future recommendations.

Why it was flagged

The skill uses a persistent local database containing doctor, prescription-volume, visit, sales, and compliance context. This is central to the skill, but it means sensitive records can be reused across tasks.

Skill content
Database path: `~/.openclaw/workspace/skills/salesclaw/salesclaw.db` ... Doctor (physician) ... prescription_volume ... ComplianceAlert, VisitRecord
Recommendation

Protect the database file, avoid storing unnecessary sensitive information, and verify important records before acting on the skill's recommendations.

What this means

It may be harder to independently verify who maintains the skill or where the code came from.

Why it was flagged

The package provenance is limited even though executable tool files are included. The visible files do not show remote installers or hidden dependencies, so this is a provenance notice rather than a security concern.

Skill content
Source: unknown; Homepage: none
Recommendation

Install only if you trust the publisher, and review the included code before using it with real sales or compliance data.