Skill v1.0.0

ClawScan security

CRM Pipeline Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 12, 2026, 4:28 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's declared purpose (a simple, local, chat-driven CRM) matches its instructions and resource needs — it only reads/writes local JSON files and requires no external credentials or installs.
Guidance
This skill is coherent and local-only: it will create and update ./data/pipeline.json and backups in your working directory. Before installing, consider: (1) these files will contain contact and deal data (PII) stored locally and likely unencrypted—restrict filesystem permissions or use disk encryption if needed; (2) confirm the agent runtime has only the intended filesystem access (it will need write permission to ./data); (3) because the skill is instruction-only, there is no installer to inspect — review the SKILL.md and local files you receive to ensure they match expectations; (4) if you want cloud sync or automated reminders, expect to supply additional credentials or services (this skill does not request them). Proceed if you are comfortable with local storage of prospect data and have appropriate backups and access controls.

Review Dimensions

Purpose & Capability
ok: Name/description, README, and SKILL.md all describe a local chat-driven CRM; required resources (none) are appropriate for that purpose. The skill's behavior (parsing input, storing leads, generating reports) is coherent with the stated goal.
Instruction Scope
ok: Runtime instructions direct the agent to create/read/append a local JSON database at ./data/pipeline.json, keep backups, log interactions, and produce reports. These file operations are expected for a local CRM and the SKILL.md does not instruct the agent to access unrelated system files, environment variables, or external endpoints.
Install Mechanism
ok: There is no install specification and no code files to execute; this is instruction-only, so nothing is downloaded or written by an installer.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. That matches its local-only operation. Note: storing leads implies handling personal data (emails/phones) in cleartext unless the user configures encryption.
Persistence & Privilege
ok: always:false and normal autonomous invocation; the skill only requests to write/read files under its own data paths (./data, ./config, ./exports) and does not modify other skills or system-wide settings.