Automation Workflows Conflict
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If followed carelessly, an automation could update business systems or send communications incorrectly.
The skill documents chained automation actions across business tools. This is aligned with the skill purpose, but misconfiguration could create records, send messages, or trigger duplicate actions.
ACTIONS: Step 1: Add lead to CRM ... Step 2: Send welcome email ... Step 3: Create task ... Step 4: Send me a Slack notification
Use test data first, review each action before enabling it, add filters and error alerts, and require human confirmation for financial, public-posting, or customer-facing actions.
Connected automation tools may gain access to data and actions in the user’s business apps.
The skill expects users to connect accounts to automation platforms. This is normal for Zapier/Make/n8n-style workflows, but it delegates account permissions to third-party tools.
Connect your account (authenticate via OAuth)
Grant only the minimum scopes needed, prefer dedicated service accounts where possible, and periodically review or revoke OAuth connections.
The package identity is inconsistent, which may make it harder to verify exactly which skill/version is being installed.
The included _meta.json lists a different ownerId, slug, and version. Because there is no code or install script, this is a provenance note rather than evidence of malicious behavior.
Owner ID: kn7838zsyk9ty48nb4h2k11w6s8117h9; Slug: automation-workflows-conflict; Version: 1.0.0
Verify the publisher and intended slug/version before installing or relying on the skill.
Customer or lead data could be copied into more systems than intended.
The skill encourages moving lead and business data across multiple SaaS tools. This is expected for workflow automation, but users should consider data boundaries and retention.
Sync data between tools (CRM ↔ email tool ↔ spreadsheet)
Minimize which fields are synced, avoid unnecessary sensitive data, check each provider’s retention/sharing settings, and document where automated data flows.