Summary Generator
v1.0.5Generate daily or range-based lead summaries from read-only lead data. Use when users ask for todays lead summary, broker inventory counts, locality trends,...
⭐ 0· 650·5 current·5 all-time
byVishal@vishalgojha
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name, description, and included schemas match: the skill validates date-range input, reads lead data in read-only fashion, aggregates the listed metrics, validates output, and returns a summary object. There are no unrelated environment variables, binaries, or installs requested that would be disproportionate to a summarization task.
Instruction Scope
SKILL.md stays narrowly scoped to read-only summarization and explicitly forbids writes, parsing chat dumps, extraction of new leads, follow-up actions, and outbound sends. It does instruct the agent to "Query lead storage using read-only access" but does not specify the data source or authentication method, leaving an operational gap that should be verified in the deployment environment.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk or downloaded. This minimizes installation risk.
Credentials
The skill requests no environment variables or credentials in metadata, which is proportionate. However, it expects read-only access to lead storage at runtime without declaring how credentials are supplied; confirm that the platform's connector model will provide only the intended read-only access and that no extra secrets are required or implicitly used.
Persistence & Privilege
always is false and the skill does not request persistent presence or to modify other skills or system settings. It enforces 'fail closed' when read permissions are absent, which is appropriate.
Assessment
This skill appears coherent for producing read-only lead summaries. Before installing, verify: (1) how the agent runtime will provide read-only access to the intended lead storage (connectors, service account, or IAM role) and ensure those credentials are least-privilege; (2) that the runtime enforces the SKILL.md boundaries (no writes, no external sends, and no parsing of chat dumps); (3) whether the suggested chain (sentiment-priority-scorer -> summary-generator -> action-suggester) will not cause unintended follow-up actions, since this skill explicitly says not to suggest or execute follow-ups. Test the skill in a controlled environment with sample data containing PII to confirm it only returns the validated summary object and does not leak additional context.Like a lobster shell, security has layers — review code before you run it.
latestvk9718kpmp8aqw7kmt67mpy8r1h81qa7b
License
MIT-0
Free to use, modify, and redistribute. No attribution required.