Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Quotation Generator
v1.2.0
Auto-generate professional PDF proforma invoices with company letterhead, multi-language support, and post-quote tracking.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The described purpose (generate PDFs, multi-language quotes, post-quote tracking) is reasonable, but the runtime instructions require integrations (WhatsApp for owner approval/customer delivery, a CRM for status updates) and local product-KB access that the skill metadata does not declare (no env vars, no config paths, no install). Legitimately implementing these features would normally require API keys, phone numbers, or CRM credentials — their absence is an incoherence.
Instruction Scope
SKILL.md explicitly tells the agent to read product-kb/catalog.json, send drafts via WhatsApp, update CRM records, and follow up on schedule. Those are concrete filesystem and network actions. The instructions do not specify which CRM, which WhatsApp integration (API, Twilio, webhooks), where product-kb should live, or what approval/consent flow to use. That gives the agent broad discretion and potential access to sensitive files or external endpoints.
Install Mechanism
No install spec and no code files are present, which minimizes supply-chain risk because nothing is written to disk by an installer. This is consistent with an instruction-only skill, but it increases reliance on the runtime environment and existing integrations (which are not declared).
Credentials
The skill requires access to external services (WhatsApp, CRM) and a local product catalog but declares no required environment variables, credentials, or config paths. One would expect API tokens, phone numbers, CRM API keys, and a declared path for product-kb; requesting none is disproportionate and hides needed privileges.
Persistence & Privilege
The skill is not marked always:true (good), but it allows autonomous model invocation (platform default). Combined with instructions to send messages and update CRM, that means an agent could autonomously transmit customer data or make outbound updates once given the runtime credentials — the metadata gives no constraints or approval gating. This combination increases risk unless you limit autonomous actions or require explicit approval steps.
What to consider before installing
Do not install or enable this skill until the author clarifies integration details. Ask for: (1) exact WhatsApp integration method and required credentials (API provider, tokens, phone numbers), (2) which CRM is used and the required API keys/permissions, (3) the canonical path and access controls for product-kb/catalog.json, and (4) whether outbound sends and scheduled follow-ups require explicit owner approval. If you proceed, require least-privilege credentials (scoped API tokens), enable human approval before sending to customers, test in a sandbox environment with dummy data, and ensure logging/auditing of all outbound messages and CRM changes. If these details are not provided or cannot be validated, treat the skill as risky and avoid granting it credentials or network access.
