Back to skill
Skillv1.0.1
VirusTotal security
OpenClaw Email Lead Generation · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:15 AM
- Hash
- da4bc9021d1d31128bf9fdcfbbcbb355ce34e06a3d1da73afdc9b6bce0e9299c
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: openclaw-email-lead-generation Version: 1.0.1 The OpenClaw Email Lead Generation skill demonstrates a high degree of security awareness and implements robust defenses against common vulnerabilities. The `SKILL.md` provides explicit, strong security rules for the AI agent, mandating the use of a dedicated `assets/leadgen-helper.sh` script for all file operations and input sanitization. The `leadgen-helper.sh` script itself is well-engineered, featuring comprehensive input sanitization (stripping shell metacharacters, quotes), strict path validation to prevent traversal attacks, and safe JSON manipulation. Credential handling is secure, explicitly forbidding storage of sensitive data in config files and recommending environment variables. Email sending and inbound reply processing include measures like using quoted heredocs for email bodies and HTML stripping for replies, mitigating injection risks. While the 'Template Forge' allows the agent to incorporate user language into templates, the overall security architecture prevents this from leading to malicious execution or data exfiltration by the skill.
- External report
- View on VirusTotal