Skill v0.1.1

ClawScan security

OutboundSync Analysis · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 26, 2026, 3:41 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is an instruction-only, read-only analyzer that is internally consistent with its stated purpose (OutboundSync analysis against HubSpot/Salesforce) and requests no extra installs, binaries, or credentials.
Guidance
This skill appears coherent and read-only, but it operates on CRM fields that can contain PII or long message bodies. Before installing, confirm that: (1) the agent's CRM connector uses least-privilege, read-only credentials; (2) you are comfortable with the agent accessing long-text fields (reply/message bodies) — consider masking or restricting those fields if needed; (3) you understand the skill expects OutboundSync fields to already exist in your CRM (no automatic provisioning). If you need stricter controls, require the agent to exclude raw message bodies from prompts or enforce field-level filtering in your connector.

Review Dimensions

Purpose & Capability
ok: Name/description match the implemented workflow: router_contract, field mappings, and examples all describe HubSpot/Salesforce OutboundSync analysis. The skill does not request unrelated credentials or binaries.
Instruction Scope
ok: SKILL.md restricts behavior to read-only, local-only analysis using declared CRM fields and explicit intent routing; it forbids shell execution and secret exfiltration. The instructions operate only on CRM-synced fields and include preflight checks, so scope is narrow and well-defined.
Install Mechanism
ok: No install spec and no code files (instruction-only), so nothing is downloaded or written to disk. This is the lowest-risk install profile.
Credentials
ok: The skill declares no required environment variables, no primary credential, and no config paths. It assumes the agent has CRM access elsewhere (expected for a read-only analytics skill) and does not request unrelated secrets.
Persistence & Privilege
ok: always:false and default model invocation settings; the skill does not request permanent inclusion or modify other skills or system settings. It does not persist credentials or change agent configuration.