AI-powered tool to create, personalize, schedule, send, and track professional email campaigns using Kit (ConvertKit) API integration.
Security Analysis
Confidence: medium
The skill appears to implement a ConvertKit (Kit) integration that mostly matches its description, but there are several documentation/config inconsistencies, unverifiable encryption/storage claims, and instructions that allow reading arbitrary local files. Review the included scripts before installing it or giving it credentials.
The skill's stated purpose (write, schedule, send, and track ConvertKit broadcasts) matches the presence of kit-api.js and credentials handling. However, the registry metadata declares no required credentials, environment variables, or primary credential, even though the runtime instructions require a Kit API key and secret to be collected and stored locally. That metadata mismatch is notable but not necessarily malicious.
SKILL.md directs the agent to collect Kit API credentials, voice-training samples, business context, and optionally 'database integration' paths, then instructs it to read those local paths before generating emails. Letting the skill read arbitrary user-supplied file paths expands its scope beyond email content and could expose sensitive files if a path is supplied carelessly or the feature is misused. The docs also inconsistently reference multiple storage locations (/data/.openclaw/workspace/.kit-credentials, ~/.kit-credentials, and /data/.openclaw/workspace/.kit-voice-profile.json), which could cause accidental reads or writes outside the expected location.
There is no automated install spec in the registry (manual copy into the skills directory is implied). That lowers supply-chain risk because nothing is fetched at runtime, but the package includes executable scripts (credentials.js, kit-api.js) that will run locally. The install docs ask users to chmod and execute scripts; review those scripts before running. No external download URLs were used in the provided files.
Requesting a Kit API key and secret is proportionate to the stated functionality. However, the package metadata lists no required env vars, contradicting the runtime need to collect API credentials. The skill also asks to store and later read user-provided local files (voice guides, memory files). Those file reads are functionally explainable for voice training, but they increase the potential for accidental exposure of unrelated sensitive data if paths are mis-specified or if the agent is given broad discretion to discover files.
The skill does not request 'always: true' and does not declare elevated platform privileges. It stores data locally in the workspace and claims to encrypt credentials; this is a normal persistence model for a local integration. However, the encryption/storage claims live in documentation and are not auditable from the manifest alone (see guidance).
Guidance
This skill broadly does what it says (ConvertKit integration) but there are red flags you should address before installing:
1) Inspect scripts/credentials.js and scripts/kit-api.js for any network endpoints or unexpected behavior (search for non-ConvertKit domains, telemetry calls, or hard-coded URLs).
2) Verify the credential-encryption implementation in credentials.js yourself. The docs claim AES-256-GCM and PBKDF2 tied to hostname/homedir, but that must be audited in code.
3) Pay attention to storage paths: the docs reference multiple locations (~/ and /data/.openclaw/workspace/); confirm where credentials and voice files will actually be written and ensure file permissions are restrictive.
4) Never point the skill to system-wide secrets or directories (e.g., /etc, ~/.ssh, cloud SDK configs) when asked for voice/memory paths; only supply specific, non-sensitive files.
5) Test the skill with a limited, low-privilege Kit account (or a new API key with minimal permissions) before using it on production lists; rotate the API key after testing.
6) If you are not comfortable auditing the JS files yourself, ask the maintainer for a security review or run the scripts in an isolated environment (container/VM) first.
These steps will reduce the risk of accidental data exposure or misuse.
Latest Release
v1.0.0
Initial release - AI-powered email marketing for Kit (ConvertKit). Premium skill with voice training, API integration, and comprehensive best practices.
Published by @Kevjade on ClawHub