Skill v1.0.0
ClawScan security
Client Intake Bot Pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 23, 2026, 2:47 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: Instruction-only intake/chatbot guidance that is internally consistent with its stated purpose, but it expects integrations that the skill does not declare or secure for you—so confirm connectors and data-handling before use.
- Guidance: This skill is an instruction-only template for building conversational intake and lead-routing workflows and is internally consistent with that purpose. Before installing or using it:
  - Expect to provide connectors/API keys for email, SMS, social DMs, calendar, and any file storage; supply only narrowly scoped credentials and use dedicated accounts where possible.
  - Confirm how uploaded files and prospect PII (names, emails, company info, RFPs) will be stored, transmitted, and deleted—ensure encryption and retention policies meet your privacy requirements.
  - Review any agent prompts or follow-up steps so the agent doesn't try to pull unrelated local files or environment variables to ‘gather context.’
  - Test the workflows in a staging environment to avoid accidental spamming or leaking of confidential info, and validate opt-in/consent for messages (SMS/email).
  - Because the skill source/homepage are unknown, consider asking the publisher for documentation or using this SKILL.md as a manual template instead of granting it live access to production connectors until you can validate behavior.
Review Dimensions
- Purpose & Capability (ok): The name/description (client intake, lead scoring, routing) matches the SKILL.md content. All described features (conversational intake, scoring, auto-responses, routing, nurture sequences) are coherent with the stated purpose and no unrelated capabilities are requested.
- Instruction Scope (note): The SKILL.md contains only high-level runtime instructions for building intake workflows and templates. It references capturing leads via website forms, social media DMs, email autoresponders, calendar booking pre-qualification, file uploads, sending emails and SMS, and routing notifications — which are expected for this skill. The instructions do not tell the agent to read unrelated files or environment variables, but they do imply the need to transmit/handle personal data (names, business details, uploaded RFPs). The guidance is broad and leaves integration/credential choices unspecified, which can lead to ambiguous behavior if connectors or safeguards are not explicitly provided.
- Install Mechanism (ok): No install spec and no code files — the skill is instruction-only. This is low risk: nothing is downloaded or written to disk by the skill package itself.
- Credentials (note): The skill declares no required environment variables or credentials. However, its functionality (sending email/SMS, connecting to social channels, calendar links, file uploads) will typically require external API keys/accounts. The lack of declared required credentials is not itself dangerous, but it is an omission: the runtime agent or the user will need to provide connectors/credentials later. Verify what credentials the agent will request and ensure they are scoped and stored securely.
- Persistence & Privilege (ok): always is false and the skill is user-invocable with normal autonomous invocation allowed. The skill does not request persistent system-wide changes, nor does it claim to modify other skills or system configs.
