Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ABM Outbound
v1.0.0
Multi-channel ABM automation that turns LinkedIn URLs into coordinated outbound campaigns. Scrapes profiles, enriches with Apollo (email + phone), gets mailing addresses via Skip Trace, then orchestrates email sequences, LinkedIn touches, and handwritten letters via Scribeless. The secret weapon for standing out in crowded inboxes.
by @dru-ca
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's steps (Apify scraping, Apollo enrichment, Skip Trace for mailing addresses, Scribeless for letters) align with the ABM description — these services are appropriate for the stated purpose. However, the registry metadata declares no required environment variables or primary credential even though SKILL.md explicitly instructs the user/agent to export APIFY_API_KEY, APOLLO_API_KEY, SCRIBELESS_API_KEY (and optional INSTANTLY_API_KEY). That metadata/instruction mismatch is an incoherence: the skill will need several third-party API keys but does not declare them.
Instruction Scope
The runtime instructions are precise and stay within the stated workflow: scrape LinkedIn via Apify, call Apollo to reveal emails/phones, call a Skip Trace to obtain home mailing addresses, and add recipients to Scribeless. All network calls target the services named in the prerequisites. Important behavioral notes: the skill encourages retrieving personal emails (reveal_personal_emails: true) and home addresses from public records — this collects highly sensitive PII beyond business contact data and may raise ToS, privacy, and regulatory issues (e.g., LinkedIn terms, GDPR/CCPA). The instructions do not instruct the agent to read unrelated local files or secrets, nor to exfiltrate data to unknown endpoints.
Install Mechanism
Instruction-only skill with no install spec or code files. This is low risk from an install/execution perspective because nothing is downloaded or written by automatic install.
Credentials
The SKILL.md requires multiple sensitive API keys (APIFY_API_KEY, APOLLO_API_KEY, SCRIBELESS_API_KEY, optional INSTANTLY_API_KEY) but the skill metadata lists no required env vars or primary credential. Asking for multiple service API keys is proportionate to a multi-service ABM pipeline, but the omission in metadata is an inconsistency and increases risk because users may not realize how many credentials will be used. Also, the skill explicitly requests actions that will reveal personal emails and home addresses — the level of sensitive data requested is high and should be carefully justified and limited.
Persistence & Privilege
The skill does not request permanent/automatic presence (always:false), has no install-time config, and contains no code that modifies other skills or system-wide settings. Model invocation is allowed (default), which means an agent could call the described APIs autonomously — this is expected behavior for skills but combined with the above concerns (sensitive data + unknown author) raises practical risk if the agent is allowed to act without human review.
What to consider before installing
This skill describes a legitimate multi-service ABM pipeline, but it contains several red flags you should address before use:
(1) The SKILL.md requires multiple API keys (Apify, Apollo, Scribeless, optional Instantly) but the skill metadata does not declare those env vars — confirm what credentials the skill will actually use and store.
(2) The workflow collects sensitive PII (personal emails and home mailing addresses via Skip Trace). Verify legal/regulatory compliance (GDPR, CCPA), LinkedIn terms of service, and your organization's privacy policy before using these lookups.
(3) Because the skill source and homepage are unknown, prefer not to provide high-privilege or long-lived API keys; instead use limited-scope or test keys and monitor activity.
(4) Consider requesting the author/publisher or source code (or a homepage) and check for an audit/logging policy so you can review what the agent does before letting it run autonomously.
If you must test, run only with a small, consented sample and with manual approval at each step.

Like a lobster shell, security has layers — review code before you run it.
