Neckr0ik Automation Templates
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a purpose-aligned automation-template library, but users should verify the command/source and carefully scope credentials before activating generated workflows.
This skill looks like a template library rather than a self-deploying automation agent. Before installing or using it, verify the command you run comes from the provided artifacts, review generated workflows node by node, use restricted test credentials first, and only activate workflows after confirming their triggers, schedules, and connected accounts.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If users paste powerful API keys or webhook URLs into generated workflows, those workflows may read, write, post, or sync data in connected services.
The skill’s templates require users to supply service credentials and webhook URLs for external automation platforms.
"SLACK_WEBHOOK": "https://hooks.slack.com/...", "AIRTABLE_API_KEY": "key...", "MAKE_WEBHOOK": "https://hook.make.com/..."
Use least-privilege service credentials, keep secrets out of source control, and review each generated workflow before importing or activating it.
A misconfigured template could propagate incorrect data, send unintended notifications, or update connected systems repeatedly after activation.
The template catalog includes workflows that synchronize or automate changes across multiple business systems.
| crm-sync | All | Sync contacts across CRMs |
Test templates with sample data first, confirm destinations and schedules, and enable production workflows only after reviewing all nodes and connections.
Users may need to determine how the documented command maps to the included script, and should avoid installing similarly named tools from unverified sources.
The documentation invokes a CLI command, but the registry says there is no install spec and the manifest only includes `scripts/templates.py`, not a declared installed binary.
neckr0ik-automation-templates list
Run only the files supplied by the skill or a verified package source, and verify any missing CLI wrapper or referenced template files before use.
Activated workflows may continue running on a schedule outside the immediate agent session.
The included template code defines scheduled workflows that can run repeatedly once imported and activated in an automation platform.
"type": "schedule", "name": "Daily Trigger"
Before activation, check each workflow’s trigger, schedule, destination accounts, and disable conditions.