Agent becomes a master of client acquisition. Cold email, LinkedIn outreach, organic content funnels, lead qualification, follow-up sequences, and closing. U...
Security Analysis
medium confidence
The skill's instructions match its stated purpose (automated outreach) but it instructs autonomous access to sensitive systems (Gmail via a virtual desktop), schedules recurring cron jobs that will send messages and scrape sites, and relies on a separate virtual-desktop skill — this combination is coherent for acquisition but raises significant safety and data-exposure concerns that the user should review before enabling.
The name/description (client acquisition) aligns with the instructions: cold email, LinkedIn prospecting, organic posting, lead qualification, follow-ups and closing. Required binaries (python3) and optional API keys (Hunter, Apollo, Brevo) are plausible though python3 is not obviously necessary for an instruction-only skill. The dependency on a 'virtual-desktop' skill is expected for browser-driven Gmail/LinkedIn automation.
SKILL.md explicitly instructs reading Gmail responses, scraping LinkedIn, sending cold emails (including domain setup and DNS auth), posting to social platforms, and writing detailed logs. It also instructs scheduling 7 cron jobs that will run autonomously and perform network actions and message classification. These actions involve access to sensitive personal and account data (email inbox, prospect profiles, session cookies in virtual-desktop) and move beyond a simple helper — the agent will be empowered to read and transmit user data and perform outbound communications on the user's behalf.
No install spec and no code files — instruction-only — so nothing arbitrary is downloaded or written at install time. This lowers risk from supply-chain installs. However, the skill expects to configure cron jobs and uses other installed skills (virtual-desktop) which will be the execution surface.
The skill declares no required env vars and only optional API keys for Hunter, Apollo, Brevo. That is proportionate to its purpose. However, it implicitly requires a configured Gmail session (via noVNC/virtual-desktop) and possibly access to DNS/hosting to create a secondary domain — these sensitive capabilities are not expressed as explicit required credentials in the metadata and deserve scrutiny by the user. The skill will read /workspace/USER.md and AGENTS.md and write persistent logs and lead lists under /workspace, which may contain personal or secret info.
always:false (good) but the skill's docs explicitly instruct that it will configure seven cron jobs to run autonomously and perform outbound actions (send emails, scrape LinkedIn, post content, read Gmail 3x/day). Scheduled autonomous operations combined with network access increase blast radius: if misconfigured or abused, the skill could send unwanted outreach, leak inbox contents, or trigger account suspensions. The skill also uses Telegram to notify the principal, introducing an outgoing channel for sensitive lead data.
Guidance
This skill appears to do exactly what it advertises (automated client acquisition), but it will: (1) require a browser session with access to your Gmail (via the virtual-desktop skill) and therefore can read your inbox and replies; (2) schedule recurring cron jobs that autonomously send emails, post content, and scrape LinkedIn/Twitter/Reddit; and (3) log lead data and send notifications over Telegram.
Before installing:
- Confirm you trust the virtual-desktop skill and understand what browser/session credentials it will use.
- Run the skill in an isolated account (not your primary Gmail or primary domain) and avoid giving it your main DNS/hosting credentials — create a dedicated secondary domain as advised.
- Do not enable automatic full-send cron jobs until you test in a sandbox and review sample outputs.
- Limit or omit optional API keys (Hunter/Apollo/Brevo) unless necessary.
- Audit the destination Telegram for notifications.
- Ensure compliance with anti-spam laws and platform terms.
- Monitor logs and outgoing messages closely for the first runs.
If you want a lower-risk option, ask for a variant that only generates templates and schedules but requires manual approval before any outbound send or credential usage.
Latest Release
v1.0.0
Initial release – Agent becomes a master of client acquisition across major outreach and content channels.
- Provides best practices and templates for cold email, LinkedIn prospecting, content funnels, lead qualification, and closing.
- Follows the philosophies and rules of Oussama Ammar, Yomi Denzel, and current B2B standards.
- Guides on technical setup: secure email infrastructure, API/environment variable usage, outreach volumes, and nurturing funnels.
- Includes detailed scripts, outreach cadences, and workflow for every acquisition channel.
- Integrates with virtual desktop for multi-platform automation (email, LinkedIn, Twitter, Reddit).
- Emphasizes actionable, value-first engagement and compliance with channel-specific limitations.
Published by @georges91560 on ClawHub