Skill v1.0.0

ClawScan security

Linkedin Buying Signal · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Apr 4, 2026, 9:06 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's high-level purpose (detect buying intent from LinkedIn) matches its instructions, but there are several omissions and mismatches (credential handling, integrations, and personal-data scraping) that make its behavior unclear and potentially excessive for the stated scope.
Guidance
Before installing or running this skill, consider the following:
- Ask the author to clearly declare required credentials and how to supply them (Apify token, and any CRM/Notion/Slack/email credentials) as environment variables or documented inputs — do not paste secrets into free-text prompts.
- Confirm how the Apify actors obtain LinkedIn/profile data: do they require a LinkedIn session cookie or authenticated access? If so, supplying such credentials grants broad access to your LinkedIn account; avoid sharing account cookies unless you fully trust and audit the actor.
- Verify legal and privacy implications: the skill scrapes personal profiles and emails. Ensure compliance with LinkedIn's Terms of Service and local privacy laws (e.g., GDPR) before collecting/transmitting PII.
- Request details on the exact Apify actors used (versions, code or run logs) and test with a very small, controlled dataset first (sandbox run, dummy inputs) to confirm behavior and outputs.
- If you plan to push data to CRMs or email prospects, require that the skill explicitly list what credentials it needs and how it will store/transmit them; prefer short-lived tokens or user-controlled webhooks.
- If you cannot obtain satisfactory answers about credential handling, data sources, or legal compliance, do not run the skill with real credentials or real personal data.

Confidence note: assessment is medium because many issues could be innocuous documentation omissions (e.g., author expects apify_token as an input rather than an env var). However, the combination of unexplained credential needs, personal-data scraping, and unspecified integrations is enough to warrant caution.

Review Dimensions

Purpose & Capability
note: The name/description (LinkedIn buying-signal detection + outreach) aligns with the SKILL.md: it describes scraping job posts/company pages, scoring intent, finding decision-makers, and generating outreach. Using Apify actors and an LLM for scoring/outreach is coherent with the stated purpose.

Instruction Scope
concern: The runtime instructions call multiple Apify actors to scrape LinkedIn, company pages, profiles, and Google News, and instruct the agent to extract decision-maker emails and push data to CRMs/Notion. Those actions involve collecting personal data and transmitting it externally. The SKILL.md does not detail how protected/behind-login LinkedIn content or emails will be accessed, nor does it include guidance on respecting rate limits, robots.txt, or legal/TOS/privacy constraints.

Install Mechanism
ok: This is an instruction-only skill with no install spec or code files — lowest install risk. It relies on external Apify actors rather than installing binaries or downloading code.

Credentials
concern: The instructions require an Apify API token (apify_token in the input) and reference pushing results to Notion/Airtable/HubSpot/email, but the skill metadata lists no required environment variables, no primary credential, and no config paths. That mismatch is problematic: the skill will need credentials for Apify and for downstream integrations, yet it doesn't declare them or explain where or how to supply them securely. The skill also implies harvesting emails/contacts but doesn't explain consent or lawful basis for collecting/transferring that personal data.

Persistence & Privilege
ok: The skill does not request always:true and is user-invocable; autonomous invocation is allowed (platform default). It does not declare any ability to modify other skills or system config. No elevated persistence is requested.