Linkedin Lead Generation

Pass

Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent for LinkedIn lead research and report generation, with user-visible cautions around LinkedIn account context and safe rendering of generated HTML reports.

Before using this skill, decide whether you are comfortable with the agent browsing LinkedIn in your account context and collecting prospect information into a report. Review the generated report before sharing it, and sanitize or verify copied profile and website text if you use the included HTML generator.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your LinkedIn session or network context may influence searches and profile viewing while the agent researches leads.

Why it was flagged

Filtering by 2nd-degree connections is tied to LinkedIn account context or social graph data. This is aligned with the LinkedIn lead-generation purpose, but users should recognize that the browser may operate in an authenticated LinkedIn context.

Skill content

Use `browser` tool to search LinkedIn ... Filter for 2nd-degree connections for easier outreach.

Recommendation

Use a dedicated or logged-out browser session if desired, and do not grant messaging or broader LinkedIn permissions unless you explicitly want that behavior.

What this means

A malicious or malformed profile/site value could alter the report, create deceptive links, or potentially run script if the HTML is opened in a permissive viewer.

Why it was flagged

The helper directly inserts prospect fields into generated HTML without HTML escaping or URL validation. If those fields are copied from untrusted profiles or websites, markup or script could be rendered in the report.

Skill content

<div class="name">{p['name']}</div> ... <a href="{p['linkedin_url']}">LinkedIn Profile</a> ... html += f"<li>{need}</li>"

Recommendation

Escape all text fields, validate report links to expected http(s) URLs, and prefer generating a sanitized PDF before sharing the report.