Safety Report

Apollo

Name: Apollo
Rating: 5 (4 reviews)
Author: byungkyu

Apollo.io API integration with managed OAuth. Search and enrich people and companies, manage contacts and accounts. Use this skill when users want to prospect, enrich leads, or manage sales data. For other third party apps, use the api-gateway skill (https://clawhub.ai/byungkyu/api-gateway).

4,821Downloads

0Installs

4Stars

6Versions

API Integration4,971 Search & Retrieval2,116 Networking & DNS1,102 CRM & Sales861

Security Analysis

high confidence

Clean0.04 risk

The skill's requirements and runtime instructions are consistent with an Apollo.io integration proxied through Maton; it only requests a single Maton API key and contains no install steps or unexpected behaviors.

Feb 11, 20262 files1 concern

Purpose & Capabilityok

Name/description (Apollo integration via Maton-managed OAuth) aligns with the instructions, which call Maton gateway and control endpoints to proxy Apollo API calls. The single required environment variable (MATON_API_KEY) is appropriate for a managed-OAuth gateway.

Instruction Scopenote

SKILL.md only shows HTTP calls to maton.ai gateway and ctrl endpoints and uses the MATON_API_KEY header. It does not instruct reading other files, env vars, or system paths. Note: using this skill will send request payloads (potentially PII) to Maton endpoints because the gateway proxies Apollo API calls — this is expected but worth being aware of.

Install Mechanismok

No install spec or code files are present (instruction-only). Nothing is downloaded or written to disk by the skill itself, which minimizes install-time risk.

Credentialsok

The skill requires a single env var, MATON_API_KEY, which is proportional to the described function (gateway-authenticated API calls). No unrelated secrets or multiple credentials are requested.

Persistence & Privilegeok

always is false and the skill is user-invocable; it does not request persistent platform privileges or modify other skills. Autonomous invocation is allowed by default but is not combined with other concerning privileges.

Guidance

This skill is internally consistent for a proxied Apollo.io integration, but you should verify you trust the Maton service before providing an API key. Consider: (1) Only supply a Maton API key with minimal scope and avoid using high-privilege or long-lived production keys. (2) Review Maton (maton.ai) privacy/terms to understand what data will be proxied and stored. (3) Use a test account for initial trials and rotate the key after testing. (4) Confirm the Maton domains (gateway.maton.ai, ctrl.maton.ai, connect.maton.ai) are legitimate and that TLS is enforced. The skill has no install scripts or hidden code, but the gateway will see all request payloads (including any PII you send) — ensure that aligns with your data-handling policies.

Latest Release

v1.0.5

- Added a new clawdbot metadata section specifying emoji and required environment variable (MATON_API_KEY).

More by @byungkyu

API Gateway

180 stars

Microsoft Excel

30 stars

Fathom

11 stars

Todoist

11 stars

Microsoft OneDrive

7 stars

Jira

6 stars

Published by @byungkyu on ClawHub