Twenty CRM
Review
Audited by ClawScan on May 1, 2026.
Overview
This looks like a normal Twenty CRM API wrapper, but it can use a CRM API key to change or delete CRM records, so configure and use it carefully.
This skill appears coherent and purpose-aligned for managing a self-hosted Twenty CRM instance. Before installing, make sure you trust the included scripts, provide only a dedicated least-privilege API key, protect any config file containing the key, and require confirmation before actions that create, update, delete, or destroy CRM records.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with a privileged token, these helpers can change or delete CRM records.
The skill exposes low-level CRM API helpers that can create, modify, delete, or query records. This is disclosed and aligned with a CRM API integration, but those operations can have high business impact.
REST POST ... REST PATCH ... REST DELETE ... GraphQL
Use the least-privileged Twenty API key available, prefer read-only access when possible, and require explicit user confirmation before POST, PATCH, DELETE, destroy, or GraphQL mutation operations.
A broad or admin API key could allow broad access to CRM data and CRM mutations through this skill.
The scripts authenticate to Twenty CRM with a bearer API token. This is expected for the integration, but the token carries whatever CRM permissions it was granted.
-H "Authorization: Bearer $TWENTY_API_KEY"
Create a dedicated token for this skill, scope it narrowly if Twenty supports that, rotate it if exposed, and avoid storing it in shared or world-readable files.
If the config file is malicious or writable by someone else, commands in it could run when the skill scripts are used.
The config loader sources the configured env file with the shell's source builtin. This is a common way to load shell-style configuration, but it executes whatever shell syntax the file contains, not just variable assignments.
if [ -f "$CONFIG_FILE" ]; then ... source "$CONFIG_FILE"
Only point TWENTY_CONFIG_FILE at a trusted file, keep config/twenty.env private, and use restrictive permissions such as chmod 600.
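One way to apply this recommendation, as an added example that is not the skill's own loader: a function that refuses env files it does not own or that others can write to, and then reads the file as plain NAME=value lines instead of sourcing it, so command substitutions in a value stay literal text. It assumes GNU coreutils stat (-c) and that only TWENTY_* keys are wanted; both are assumptions, not something the skill specifies.

```shell
#!/bin/sh
# Hardened loader for a twenty.env-style file. It never hands the file to
# "source": NAME=value lines are read literally, so "$(...)" or backticks in
# a value remain text instead of running. Added example, not the skill's code.
# Assumes GNU coreutils stat (-c); restricting keys to TWENTY_* is an assumption.

load_twenty_config() {
  file="$1"
  [ -f "$file" ] || { echo "config: not a regular file: $file" >&2; return 1; }
  owner=$(stat -c '%u' "$file") || return 1
  mode=$(stat -c '%a' "$file") || return 1
  # Refuse a file we do not own or that group/others can write to.
  [ "$owner" = "$(id -u)" ] || { echo "config: $file not owned by uid $(id -u)" >&2; return 1; }
  case "$mode" in
    *[2367]|*[2367][0-7]) echo "config: $file is group/world writable ($mode); chmod 600 it" >&2; return 1 ;;
    *[4-7]|*[4-7][0-7])   echo "config: warning: $file is readable by others ($mode)" >&2 ;;
  esac
  while IFS= read -r line || [ -n "$line" ]; do
    line=${line#export }                       # tolerate "export KEY=value"
    case "$line" in ''|'#'*) continue ;; *=*) ;; *) continue ;; esac
    key=${line%%=*}
    val=${line#*=}
    # Only well-formed TWENTY_* names are accepted; PATH, LD_PRELOAD, function
    # definitions or bare commands are reported and skipped, never executed.
    case "$key" in
      TWENTY_*) ;;
      *) echo "config: skipping non-TWENTY entry: $key" >&2; continue ;;
    esac
    case "$key" in *[!A-Z0-9_]*) echo "config: bad key: $key" >&2; continue ;; esac
    # Strip one pair of matching surrounding quotes; no expansion takes place.
    case "$val" in
      \"*\") val=${val#\"}; val=${val%\"} ;;
      \'*\') val=${val#\'}; val=${val%\'} ;;
    esac
    export "$key=$val"
  done < "$file"
}

# Demo on a constructed file: the "$(id)" inside the key value stays literal,
# and the PATH override is skipped rather than applied.
demo=$(mktemp) && chmod 600 "$demo"
printf '%s\n' 'TWENTY_BASE_URL=https://crm.example.test' \
  'TWENTY_API_KEY="demo$(id)"' 'PATH=/tmp/evil' > "$demo"
load_twenty_config "$demo" && echo "base=$TWENTY_BASE_URL key=$TWENTY_API_KEY"
rm -f "$demo"
```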
An install UI or quick review may not clearly show that the skill needs curl, python3, a Twenty base URL, and a CRM API key.
The registry metadata under-declares the runtime requirements and API key that SKILL.md and the scripts require. The requirements are disclosed in SKILL.md, so this is a metadata quality note rather than hidden behavior.
Required binaries ... none; Required env vars: none; Primary credential: none
Review SKILL.md before installation and ensure the registry metadata is updated to declare TWENTY_BASE_URL, TWENTY_API_KEY, curl, and python3.
