Linkedin Lead Generation
PassAudited by ClawScan on May 10, 2026.
Overview
This is a coherent LinkedIn lead-research and report-generation skill with no hidden install or exfiltration behavior, though users should be aware it may rely on LinkedIn browsing/session context and produces HTML from collected data.
This skill appears safe for user-directed LinkedIn lead research. Before installing, be comfortable with the agent browsing LinkedIn and company websites, keep the scope clear, avoid automated outreach unless separately approved, and sanitize/review generated HTML/PDF reports before sharing.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may browse LinkedIn in a context tied to your account, which can expose connection-based information and may create account activity visible to LinkedIn.
Filtering by 2nd-degree connections can depend on the user's logged-in LinkedIn context or social graph. This is aligned with the lead-generation purpose, but users should know their account/session may be involved.
Use `browser` tool to search LinkedIn ... Filter for 2nd-degree connections for easier outreach.
Use only with an account/session you are comfortable using for research, and require separate approval before any outreach, messaging, or account-changing action.
A generated HTML report could contain unsafe markup or misleading links if untrusted webpage content is inserted verbatim.
The report generator interpolates prospect fields directly into HTML without escaping. If raw HTML or script-like content from an external profile or website were copied into those fields, it could appear in the generated report.
<div class="name">{p['name']}</div> ... <a href="{p['linkedin_url']}">LinkedIn Profile</a> ... <strong>Pitch Idea:</strong> {p.get('pitch', 'N/A')}Sanitize or HTML-escape all profile, URL, need, and pitch fields before generating the report, and review the report before opening or sharing it.
You have less external provenance information about the publisher or project history.
The skill's provenance is limited, although the provided artifacts are small, visible, and do not show hidden dependencies or remote install behavior.
Source: unknown; Homepage: none
Review the included SKILL.md and script before installing, and prefer trusted publishers for workflows that use account-based services.