Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cleanup Deals

v1.0.0

Standardize deal pipelines, remove test deals, and address deals with missing amounts or close dates. Coordinates with Salesforce sync if applicable.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md clearly targets HubSpot deal cleanup (searching, deleting test deals, closing stale deals) and also notes Salesforce-synced deals — that purpose aligns with the operations described. However, the registry metadata declares no required environment variables or primary credential while the instructions explicitly expect a HUBSPOT_API_TOKEN (in .env). This mismatch is unexpected and should be corrected.
Instruction Scope
The runtime instructions instruct the agent to read a HUBSPOT_API_TOKEN (via os.getenv) and use the HubSpot API to search, delete, and modify deals. They include concrete deletion criteria (name contains 'test', amount = 0 with no contacts) and guidance to set deals to 'Closed Lost'. These are destructive operations and the SKILL.md does not mandate confirmation, dry-run/testing, or explicit safeguards beyond 'review with owner' for some steps. The instructions also reference Salesforce sync behavior (hs_salesforceopportunityid) — appropriate contextually, but again no guidance on how to safely detect and avoid modifying synced records beyond a note to coordinate with Salesforce admin.
Install Mechanism
This is an instruction-only skill with no install spec or code files, which reduces installation risk. The SKILL.md asks for Python with 'hubspot-api-client' but oddly states 'installed via `uv`' (likely a typo). That ambiguity could confuse implementers and lead to incorrect installation commands.
Credentials
The skill effectively requires a HubSpot API token (HUBSPOT_API_TOKEN) to operate, yet the registry lists no required env vars or primary credential. Requesting a single HubSpot token is proportionate to the stated purpose, but the omission in metadata is misleading. The SKILL.md also refers to Salesforce-synced deals but does not require any Salesforce credentials (which is reasonable if the skill only needs to avoid modifying synced records), though that should be made explicit.
Persistence & Privilege
The skill does not request persistent or elevated platform presence (always:false), which is appropriate. However, since model-invocation is enabled by default, an agent with access to the HubSpot token could autonomously perform deletions or closures if run without safeguards. The combination of autonomous invocation and destructive instructions increases operational risk even though it is not a metadata privilege escalation.
What to consider before installing
This skill’s instructions are coherent with a HubSpot deal-cleanup task, but the package metadata omits the HubSpot credential it requires and the SKILL.md contains ambiguous text (e.g., the 'uv' install note). Before installing or running it:
1. Treat the HUBSPOT_API_TOKEN as sensitive and only provide a token with the minimum scopes needed; consider using a read-only token for audits and a separate limited token for deletes/updates.
2. Require a dry-run mode or test in a sandbox account first; do not run destructive steps against production without explicit human confirmation.
3. Coordinate with Salesforce admins when synced records exist, and implement explicit checks to skip records that carry hs_salesforceopportunityid.
4. Update the skill metadata to declare required env vars (HUBSPOT_API_TOKEN) and fix the install guidance (clarify how to install hubspot-api-client).
5. Add explicit safety controls in the workflow: confirmation prompts, logging, and an audit report before performing bulk deletes or status changes.



