Ai Lead Generator Skill

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Users may believe they are receiving validated real leads when the output is actually fabricated sample contact data.

Why it was flagged

The code explicitly says it only returns sample data, which conflicts with the skill description claiming AI-powered research, Apollo/LinkedIn integration, email validation, and qualified contacts.

Skill content

// Simulated lead generation (in real implementation, would use Apollo/LinkedIn APIs)
// For demo purposes, return sample data

Recommendation

Do not rely on this skill for production lead generation unless the author updates the documentation and implementation to accurately disclose what data is real, validated, and sourced from authorized integrations.

What this means

If future use of this skill asks for LinkedIn or Apollo access, users would need to understand what permissions are being granted.

Why it was flagged

The documentation references external account integrations, but the registry metadata declares no primary credential or required environment variables, and the included code does not show a bounded credential flow.

Skill content

- Apollo.io account (optional, improves data quality)
- LinkedIn account (for advanced targeting)

Recommendation

Only provide account access through official scoped OAuth or API keys, avoid sharing passwords or cookies, and verify that requested permissions match the lead-generation task.

What this means

Dependency changes could affect what code runs if the package is installed through npm tooling.

Why it was flagged

The package lists npm dependencies with caret version ranges and no lockfile is present in the provided manifest. This is common, but it means installed dependency versions may vary.

Skill content

"dependencies": {
  "csv-writer": "^1.6.0",
  "axios": "^1.6.0"
}

Recommendation

Install from a trusted registry/source and prefer pinned or lockfile-controlled dependency versions for production use.