Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Lead Discovery
v1.0.0
AI-driven lead discovery for B2B export. Searches web for potential buyers matching ICP, evaluates fit, and creates CRM records for follow-up.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description align with the actions described (web search, website reading, scoring, adding CRM records). Using Jina.ai for search/reader is coherent with the stated purpose. However, the SKILL.md explicitly references a JINA_API_KEY and integration points (CRM, Supermemory, USER.md) that are not declared in registry metadata, which is unexpected and inconsistent.
Instruction Scope
Runtime instructions direct the agent to run curl calls to Jina endpoints (requiring an API key), read company websites for contact info (emails, phone, WhatsApp), consult USER.md for ICP criteria, and store notes in 'Supermemory' and CRM. The skill asks the agent to access .secrets/env and user files (USER.md) and to create CRM records, but none of these files, config paths, or CRM endpoints/credentials are specified in the registry. This grants broad discretion to read local files and send harvested contact data to unspecified external systems.
Install Mechanism
Instruction-only skill with no install spec or code files — minimal disk footprint. The only external network activity described is curl to jina.ai (a well-known service) which is expected for the task.
Credentials
SKILL.md requires a JINA_API_KEY (mentions .secrets/env and a link) but the registry lists no required env vars or config paths. The instructions also rely on CRM and Supermemory without declaring required credentials or endpoints. Missing declarations for credentials and config paths are disproportionate and impede safe review.
Persistence & Privilege
always:false (good). The skill suggests cron-scheduled execution (Daily 10:00) and autonomous invocation is allowed by default; combined with the ability to read local files and push to CRM, this increases operational impact if misconfigured. The skill does not request to modify other skills or system-wide configs.
What to consider before installing
Before installing, confirm these items: (1) The skill's SKILL.md expects a JINA_API_KEY — but the registry does not declare it; only provide the key if you trust the skill and understand where requests will be sent. (2) The skill will read USER.md and .secrets/env and scrape websites for emails/phone/WhatsApp; ensure you are comfortable with automated scraping and that it complies with privacy/local law. (3) The skill plans to write discovered leads into a CRM and 'Supermemory' but provides no endpoint or credentials — ask the author which CRM and what credentials will be required and where data will be stored/retained. (4) If you want to run scheduled jobs, verify your agent's scheduler behaviour and limit frequency/quotas to reduce accidental data exfiltration. (5) Prefer installing only after the skill metadata is corrected to declare required env vars/config paths and a clear description of CRM/third-party integrations; treat this skill as suspicious until those inconsistencies are resolved.
Like a lobster shell, security has layers — review code before you run it.
latestvk97ben3xnh3bme4xafbsmprzzd843ern
