Email Marketing

Audited by ClawScan on May 10, 2026.

Overview

The skill is broadly aligned with email marketing, but its script allows unsanitized file paths and overstates sending/integration capabilities.

Review this skill before use. Keep campaign/list/template names simple and do not let untrusted text choose those names. Treat the included sending function as incomplete unless SMTP delivery is explicitly implemented, and handle subscriber CSV files as personal data.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent runs the script with a crafted name, it could read from or write to unintended local paths instead of only managing email-marketing files.

Why it was flagged

User-controlled campaign, list, and template names are interpolated directly into filesystem paths without validation or base-directory checks.

Skill content
Path(f"lists/{list_name}.csv") ... Path(f"templates/{template_name}.txt") ... Path(f"campaigns/{name.replace(' ', '_')}.json")
Recommendation

Validate names with a strict allowlist, reject path separators and '..', and resolve paths to ensure they remain under dedicated lists, templates, and campaigns directories.

What this means

A user or agent could believe a campaign was sent or completed when the included implementation cannot actually send emails as documented.

Why it was flagged

The actual SMTP send logic is commented out, but the campaign can still be marked as sent and the command can return success even though no real email delivery is configured.

Skill content
# server = smtplib.SMTP(smtp_config['host'], smtp_config['port'])
# server.send_message(msg)
...
campaign['status'] = 'sent'
...
return {
    "status": "success",
    "sent": sent_count,
    "failed": failed_count
}
Recommendation

Clearly label sending as a dry-run/demo feature unless SMTP support is implemented, and return an error when real delivery is not configured or all sends fail.

What this means

The documented helper-script commands cannot be reviewed or run from the supplied artifact set, and users should not fetch or run replacement scripts without reviewing them.

Why it was flagged

The documentation instructs use of several helper scripts, but the provided file manifest only includes scripts/email_campaign.py.

Skill content
python scripts/sync_customers.py ... python scripts/abandoned_cart.py ... python scripts/post_purchase.py ... python scripts/campaign_stats.py
Recommendation

Either include the referenced scripts in the skill package for review or remove the commands from the documentation until implemented.

What this means

Subscriber email addresses and names may remain on disk after use, which matters for privacy and compliance obligations.

Why it was flagged

The skill persistently stores subscriber contact details in local CSV files.

Skill content
writer.writerow({ 'email': email, 'first_name': first_name, 'last_name': last_name, 'source': 'manual', 'signup_date': datetime.now().strftime('%Y-%m-%d') })
Recommendation

Use only consented subscriber data, store the CSV files in a controlled location, and add retention/deletion guidance for subscriber lists.