Konektor - CAPI & Lead Management

Review

Audited by ClawScan on May 1, 2026.

Overview

This is a coherent instruction-only Konektor API skill, but it requires a Konektor API key and can read or change customer lead records.

Install only if you want your agent to work with Konektor lead data. Use a dedicated least-privilege API key, prefer read-only scopes unless updates are needed, and confirm any action that creates or changes lead records.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If granted broad scopes, the agent could access or modify Konektor workspace lead data within the permissions of that key.

Why it was flagged

The skill requires delegated Konektor account authority through an API key with potentially sensitive scopes. This is expected for the integration, but users should notice and scope the key carefully.

Skill content

| Authentication | Bearer token (API key) | ... | Environment Variable | `KONEKTOR_API_KEY` | ... Available scopes: `agent.leads.read, agent.leads.write, agent.analytics.read, agent.conversions.read, agent.workspace.read, agent.support.write`

Recommendation

Create a dedicated Konektor API key with only the minimum scopes needed, such as read-only scopes for analytics and lead viewing unless write actions are required.

What this means

Mistaken or over-broad agent use could create incorrect lead records or alter business workflows if write-scoped credentials are provided.

Why it was flagged

The documented API includes write operations that can create business lead records containing contact and value information. This is purpose-aligned but is a meaningful mutation capability.

Skill content

### Create Lead ... | Method | POST | ... | Scope | `agent.leads.write` | ... fields include `email`, `phone`, `assignedTo`, `estimatedValue`, `actualValue`

Recommendation

Use read-only credentials by default, and require explicit user confirmation before any create, update, assignment, or status-changing operation.

What this means

Customer or prospect personal data could be exposed in prompts, transcripts, or other tools the agent uses.

Why it was flagged

Lead API responses can include personal contact information and notes, which may enter the agent conversation or downstream context.

Skill content

"firstName": "Budi", "lastName": "Santoso", "email": "budi@example.com", "phone": "+6281234567890", ... "notes": null

Recommendation

Retrieve and display only the fields needed for the task, avoid unnecessary sharing of lead details, and follow applicable privacy rules.