OpenClaw Email Lead Generation

Pass. Audited by ClawScan on May 10, 2026.

Overview

No hidden or malicious behavior is evident, but the skill can store lead data, use email-account access, and run opt-in automated outreach jobs.

Before installing, decide whether you only want manual pipeline tracking or also want email integration and Tier 3 autopilot. Keep auto-send disabled unless you trust the configuration, review every email draft and exec approval, use dedicated email credentials where possible, and protect the ~/workspace/leadgen folder because it contains confidential lead data.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may create and modify files in the leadgen workspace through approved local commands.

Why it was flagged

The skill expects the agent to run local shell commands for setup and operation. This is disclosed and paired with user approval and helper-script guidance, but users should notice the local execution model.

Skill content

“You have the exec tool. USE IT. Run every command yourself via exec... Before each exec, briefly explain what the command does...”

Recommendation

Review each exec approval prompt and keep operations scoped to ~/workspace/leadgen as the skill instructs.

What this means

If configured, the skill could read relevant replies and send email through the user's email account.

Why it was flagged

The skill may use SMTP or Gmail credentials for email sending and inbox access. This is expected for an outreach tool, but it grants sensitive account authority.

Skill content

“optionalEnv”:[“SMTP_HOST”,“SMTP_PORT”,“SMTP_USER”,“SMTP_PASS”,“GMAIL_APP_PASSWORD”] ... “browser-based Gmail access (Tier 2 option)”

Recommendation

Use dedicated app passwords or scoped credentials where possible, and only enable email integration if you are comfortable with the access.

Note, High Confidence
ASI10: Rogue Agents

What this means

Enabled cron jobs can keep processing the pipeline after setup, including scheduled follow-ups under configured limits.

Why it was flagged

The skill can create persistent scheduled jobs that later trigger the agent and, if auto-send is enabled, send queued outreach automatically. The artifacts describe this as Tier 3 opt-in automation.

Skill content

“Tier 3 sets up 4 cron jobs via `openclaw cron add`. Each job triggers the agent...” and “If email method is `smtp` with auto-send: - Send automatically”

Recommendation

Only enable Tier 3/autopilot if you want ongoing automation, verify rate limits, and use the documented pause/disable flow when not needed.

What this means

Lead names, email addresses, company details, replies, and outreach history may remain on disk for future use.

Why it was flagged

The skill stores persistent lead, template, campaign, and reporting data that can be reused by later workflows and automated jobs.

Skill content

“Lead data stored as JSON files under ~/workspace/leadgen/. ... Templates and sequences are JSON. Config is YAML. Reports are markdown.”

Recommendation

Treat ~/workspace/leadgen as sensitive, avoid adding unnecessary private data, and review stored files before sharing or syncing the workspace.