Skill v2.0.0

ClawScan security

Prospector Lite — B2B Outreach Framework · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 12, 2026, 8:05 PM
Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions, required resources, and behavior are internally consistent with a B2B outreach framework — it expects an email channel and local pipeline/lessons files and contains no unrelated credential requests or installs.
Guidance
This skill appears coherent for automated B2B outreach, but review and control the environment before enabling it:
- Only enable it with a dedicated sending mailbox/domain and limited credentials (do not supply a production inbox holding high-value data).
- Inspect prospects/pipeline.md and the lessons file templates to ensure the agent won't leak PII or sensitive customer data.
- Test in dry-run mode (no sends) to verify logic and templates, and confirm the agent enforces the 'HARD STOP' send limits before allowing live sends.
- Because the skill will access your configured inbox, verify the email channel's scope/permissions and revoke them if you suspect misuse.
- Note provenance: source/homepage are absent. If you need stronger assurance, ask the publisher for origin, reviews, or a repo before wide deployment.

Review Dimensions

Purpose & Capability
ok: Name/description (B2B outreach) match the instructions: research prospects, verify emails, send outreach, handle bounces, and maintain pipeline/lessons files. The prereq note that an email tool (Gmail CLI or SMTP-capable tool) must be configured is appropriate for the stated purpose.
Instruction Scope
note: SKILL.md directs the agent to read workspace files (prospects/lessons-learned.md, prospects/pipeline.md), check the configured inbox for replies/bounces, run memory_search for prospect context, and enforce sending limits — all relevant to outreach. This is scoped to prospecting, but it does require mailbox access and writes to pipeline files; review those file paths and templates before running.
Install Mechanism
ok: Instruction-only skill with no install spec or code files — lowest install risk. It references optional tools (gog, Gmail channel) but does not try to install or download code itself.
Credentials
note: The skill requests no environment variables or external credentials itself; however, practical use requires configuring an email channel/tool which will provide mailbox credentials. That level of access is proportional to sending emails but carries expected risks (inbox access, sending domain reputation).
Persistence & Privilege
ok: always is false and the skill does not request persistent or cross-skill privileges. It operates by instructing the agent to read/write local pipeline/lessons files and use configured channels, which is within normal scope for this functionality.