Ahc Automator
Pending
Static analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A keyword-matching email in the monitored mailboxes could create tasks, contacts, or deals in AHC systems without review.
Recent email content is used to trigger ClickUp task creation and Pipedrive deal creation automatically. The shown workflow does not include a human approval step or clear sender-authentication check before mutating business systems.
for email in emails:
    self.process_single_email(email)
...
if self.email_parser.contains_keywords(email, 'clickup'):
    self.handle_clickup_request(email)
...
task_result = self.clickup.create_task(...)
...
deal_result = self.pipedrive.create_deal(...)
Add sender allowlists, deduplication, preview/approval for writes, and a rollback or audit process before creating or updating ClickUp/Pipedrive records.
If installed with broad API tokens, the skill can create or modify business records in ClickUp and Pipedrive.
The skill uses ClickUp and Pipedrive API tokens to act on connected business accounts. This is expected for the stated integration, but users should notice the delegated authority.
self.api_token = self.config.get_env_or_config('CLICKUP_API_TOKEN', 'clickup', 'api_token')
...
'Authorization': f'Bearer {self.api_token}'
...
self.api_token = self.config.get_env_or_config('PIPEDRIVE_API_TOKEN', 'pipedrive', 'api_token')
Use least-privilege tokens where possible, keep tokens out of shared logs or shell profiles, and ensure the registry metadata clearly declares required credentials.
Once scheduled, the automation may continue processing emails and making business-system changes until the cron jobs are disabled.
The skill is designed to work with recurring background monitoring rather than only one manual run. This persistence is disclosed, but it affects ongoing business workflows.
Email monitoring is handled by existing cron jobs:
- Ian: `ian@alanharpercomposites.com.br` (Every 5 minutes)
- Ronaldo: `ronaldoaibot@gmail.com` (Every 5 minutes)
Confirm which cron jobs are active, document how to pause or remove them, and monitor the logs after installation.
