Signup Lead
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with incorrect or unapproved details, it could create an unwanted signup lead in AgenticCreed.
The skill performs a real HTTP POST that creates a lead record. This is purpose-aligned and fixed to one endpoint, but users should recognize it mutates an external system.
method: POST url: https://gateway.agenticcreed.ai/signup-leads
Use it only after confirming the lead details and that submission to AgenticCreed is intended.
Anyone or any agent with access to this configured key may be able to submit leads to the associated AgenticCreed account.
The request uses an API key from the environment. This is expected for the AgenticCreed API, but it grants service authority and should be scoped and protected.
x-api-key: "{{env.AGENTICCREED_API_KEY}}"Use a least-privilege API key if available, keep it out of logs and prompts, and rotate it if exposed.
Names, contact details, address, date of birth, and similar lead information may be sent to AgenticCreed.
The artifact clearly discloses that personal lead data is transmitted to an external gateway endpoint. This is central to the skill, but it is sensitive data movement.
This skill sends lead details (email, name, contact info, etc.) to https://gateway.agenticcreed.ai/signup-leads.
Submit only data that the user is authorized to share, and verify AgenticCreed’s handling of personal data matches your privacy requirements.