Extruct API Skill
Security checks across malware telemetry and agentic risk
Overview
This appears to be a purpose-aligned Extruct integration, but it can use an authenticated Extruct account to create, modify, and run data-enrichment workflows, including contact lookups that may use credits.
This skill is reasonable to use if you intend to automate Extruct searches, tables, and enrichment. Before installing or invoking it, verify the CLI path, use an appropriately scoped Extruct account, and explicitly approve any table mutations, contact lookups, large result counts, or credit-consuming runs.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may not work as written, or it may rely on a CLI supplied outside the reviewed artifacts.
The skill depends on a bundled CLI, but the provided metadata says there are no code files and no install spec. This is not evidence of malicious behavior, but it means the actual executable path and implementation were not available for review.
`<extruct_api_cli>` means the absolute path to the bundled CLI script for this skill.
Before use, verify that the resolved CLI path is part of the expected Extruct installation and do not run an unexpected executable.
Actions performed by the agent may read from or modify resources available to the authenticated Extruct user.
The skill requires authenticated Extruct account access, even though registry metadata declares no primary credential or required environment variables. This is expected for an API integration, but users should understand it will act under their Extruct account.
Before the first authenticated CLI call in a conversation, run `<extruct_api_cli> auth user`.
Use an Extruct account or token with only the permissions needed for the intended task, and review account/workspace scope before running mutations.
A mistaken table ID, broad run, or unwanted enrichment could alter business data or spend Extruct credits.
The documented workflows include creating tables, adding rows and columns, and running enrichment jobs. These operations are central to the skill's purpose and are paired with inspection guidance, but they can change remote Extruct data and may consume credits.
`<extruct_api_cli> tables create --payload ...`; `<extruct_api_cli> rows create <table_id> ...`; `<extruct_api_cli> columns add <table_id> ...`; `<extruct_api_cli> tables run <table_id> ...`
Confirm the target table/task, row limits, desired columns, and whether the operation may use credits before allowing create, add, or run commands.
Names, LinkedIn/profile URLs, company websites, emails, and phone-related lookup data may be processed by Extruct or its providers.
People workflows can process personal/contact data through Extruct-backed enrichment operations. This is disclosed and purpose-aligned, but it involves sending person and company context to the provider.
enrich people rows with email, phone, LinkedIn, or derived classifications
Only run contact enrichment for data you are allowed to process, and avoid sending confidential or regulated personal data unless your Extruct account and policies permit it.