ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ooutreachskill

v1.0.0

Complete outreach operating system for Floods: contact tiering, personalized DM writing, prospect research, hook crafting, follow-up sequences, and cold outr...

0· 52·0 current·0 all-time
by@huguesgtch
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and SKILL.md content are coherent: templates, tiering, research SOPs and message drafts match an outreach OS for mobile gaming studios. No unrelated credentials, binaries, or installs are requested.
!
Instruction Scope
SKILL.md directs the agent to 'Always trigger on mentions of...' and 'always load it before writing any message', and instructs open-ended internet searches for personal/professional hooks with URLs for every item. Those are broad, operationally unconstrained instructions that can lead to aggressive data collection (personal/social scraping) and scope creep (applying outreach logic in contexts where it's not appropriate). The instructions also give the skill wide discretion when invoked (e.g., choose sources, craft hooks), which may cause undesired outbound messaging or privacy exposure if not limited by platform policies.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk.
Credentials
No environment variables, credentials, or config paths are requested; the requested footprint is minimal and proportional to the stated purpose.
Persistence & Privilege
Skill metadata does not set always:true (so it is not forced into every agent run), and autonomous invocation is default. However, SKILL.md's insistence that it be 'always loaded' and 'always trigger' conflicts with the manifest and effectively asks for persistent/automatic use. This mismatch is a behavioral concern rather than a declared privilege.
What to consider before installing
This skill appears to implement a legitimate outreach OS, but its runtime instructions ask the agent to always load and to perform broad, unconstrained web research and trigger on many casual mentions. Before installing: (1) Confirm whether the platform will actually enforce 'always' behavior — the manifest does not set always:true, but the skill asks for it in SKILL.md. (2) Decide whether you want a skill that performs open web scraping of personal profiles and contact info — this can have privacy and compliance implications (GDPR, anti-scraping rules). (3) Prefer testing in a sandbox: verify the agent only runs the research and drafts messages when explicitly invoked, and does not auto-send messages. (4) If you allow autonomous invocation, restrict triggers or add guardrails (rate limits, allowed domains, explicit user confirmation before contacting people). (5) Review included contact details and templates for accuracy and legal/compliance language. If any of the above is unacceptable, do not enable autonomous invocation or reject the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dj9rmt94m5ftrdfd4dcmkf583jgk9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments