Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Campaign Orchestrator

v1.0.0

Multi-channel follow-up campaign orchestrator for ShapeScale sales. Schedules and executes SMS + Email sequences with CRM logging and auto-termination on replies. Use when following up with demo leads or managing outreach campaigns.

0 · 2.5k · 3 current · 3 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Requested environment variables (DIALPAD_API_KEY, ATTIO_API_KEY, GOG_KEYRING_PASSWORD) match the described integrations (Dialpad SMS, Attio CRM, Gmail via gog). However, the code and SKILL.md also reference external helper tools and hard-coded filesystem paths (e.g., /home/art/niemand/skills/dialpad/send_sms.py and gog-shapescale) that are not declared as required binaries or provided in the package. That missing/dependent tooling is an incoherence: the skill implicitly requires other local scripts/tools that are not described or installed.
Instruction Scope
SKILL.md promises CRM logging ('All activities recorded in Attio') and multi-channel sending, but webhook_handler.py contains a TODO for Attio logging (not implemented). The sending/integration points shown call out-of-repository commands (python3 /home/.../send_sms.py, gog-shapescale) rather than internal library calls; these external invocations are not declared as required binaries. Webhook matching is simplistic (matches by lead name or name appearing in message) rather than using message IDs or authenticated webhook verification — this can cause false positives/incorrect terminations. SKILL.md also instructs humans/agents to 'search memory/CRM' and perform manual checks; those are operational checks but grant broad discretion and rely on external data sources not formalized in the code.
Install Mechanism
There is no install spec (instruction-only install), which minimizes install-time risk. However, the runtime depends on third-party/local scripts and tools (Dialpad send script, gog-shapescale) and expects a Clawdbot cron scheduler; none of those are installed or described here. The lack of an install mechanism combined with hard-coded absolute paths increases the chance the skill will fail or call unexpected binaries on install/run.
Credentials
The requested env vars are relevant to the stated purpose: Dialpad and Attio API keys and a Google keyring password for Gmail access. That set is small and proportional. Caveats: GOG_KEYRING_PASSWORD appears to be a Google credential stored in a keyring — high sensitivity; the skill does not document how credentials are used nor whether they are transmitted to any external endpoint. Ensure secrets are stored securely and scope-limited (least privilege).
Persistence & Privilege
The skill is not always-included and does not request elevated platform privileges. It writes state to a workspace path (default /home/art/niemand/state/campaign-orchestrator/campaigns.json) which is expected for this kind of tool, but the hard-coded default workspace and file location could inadvertently expose data if deployed in a shared environment. Webhook server runs without authentication by default (HTTP on configurable PORT) — deploying publicly without auth/TLS is risky.
What to consider before installing
Things to check before installing or running this skill:

- Missing dependencies: The code calls out-of-repository helpers (e.g., /home/art/niemand/skills/dialpad/send_sms.py and gog-shapescale). Ask the author for the exact required helper scripts or include them. Do not assume those paths exist or are trustworthy.
- Incomplete Attio logging: SKILL.md claims all activity is logged to Attio, but webhook_handler.py has a TODO for Attio logging. Verify the Attio integration is implemented and inspect that code to ensure no sensitive data is exfiltrated.
- Secrets handling: GOG_KEYRING_PASSWORD is a highly sensitive Google credential. Confirm how it's stored/used, ensure least-privilege OAuth tokens are used instead of raw passwords, and avoid putting credentials in world-readable files. Consider using short-lived tokens and scoped API keys.
- Webhook security: webhook_handler.py runs an unauthenticated HTTP server by default. If you expose this to the internet, require TLS and verify Dialpad webhook signatures or IP allowlisting to prevent forged replies or denial-of-service.
- Matching logic: The webhook matches campaigns by name or membership of the lead name in the message text, not by message IDs. This can cause false matches. Review and prefer explicit message/campaign identifiers returned by Dialpad when sending messages.
- Workspace paths: The default WORKSPACE=/home/art/niemand is hard-coded. If deploying to a shared or cloud host, change to a safe, isolated path and ensure file permissions restrict access to state/campaigns.json.
- Code provenance and completeness: The skill source is 'unknown' and the homepage repo should be examined. Request the full repo or provenance, and ask for missing components (scheduler, senders) and for tests demonstrating Attio/Gmail/Dialpad interactions.
If you intend to use this, run it in an isolated environment (dedicated service account, isolated workspace), review/complete the missing integrations, and perform a security review of any external helper scripts before granting API keys.
