Use this skill when the user wants to review link-building outreach opportunities, find contact information for article authors, generate personalized outrea...
Security Analysis
medium confidence
The skill's stated outreach purpose mostly matches its runtime instructions, but there are inconsistent declarations about required credentials and a runtime step that implies modifying trackers (write access) which is not clearly justified—ask for clarification before granting access to external resources.
The skill is an instruction-only outreach workflow and its use of SERPAPI (search-driven research) and a Google Sheets tracker is coherent with link-building tasks. However, registry metadata provided earlier lists no required env vars while SKILL.md/manifest declare SERPAPI_API_KEY and GOOGLE_SHEETS_TRACKER_URL (and primaryEnv). This mismatch between declared requirements and registry fields is inconsistent and should be clarified.
SKILL.md tells the agent to fetch product and target pages and to read an opportunity list (CSV or a connected tracker) — all reasonable for research. But it also states it will 'Update `Status` to `processed` after each row completes' if a tracker is configured, which implies write access to the tracker/spreadsheet. The README repeatedly recommends read-only/CSV, yet the runtime instructions expect updating rows. That is scope creep: the skill may request or expect elevated (write) access without clearly declaring it or how it obtains credentials. There are no instructions to exfiltrate data to unknown endpoints, but the write/update behavior needs clarification and explicit consent.
Instruction-only skill with no install spec or code files; nothing will be downloaded or written to disk during install. This is the lowest-risk install mechanism.
The skill references SERPAPI_API_KEY and GOOGLE_SHEETS_TRACKER_URL as environment inputs in SKILL.md and manifest, which are reasonable for search and tracker access. However, the registry summary at the top of the package data lists 'Required env vars: none' and 'Primary credential: none', creating an inconsistency. Also, the tracker URL alone does not convey whether the skill will need editable credentials; the instructions imply it may update the tracker (write). The skill correctly avoids asking for mail/inbox credentials for research, but you should not supply write-capable spreadsheet or inbox credentials unless you explicitly intend it to update external resources.
Skill does not request persistent installation, always:false, and is instruction-only. It stores setup output in memory for the session only and does not request to modify other skills or system-wide configs. Autonomous invocation is allowed (default) but not combined with other high privileges here.
Guidance
This is an instruction-only outreach skill whose behavior mostly matches its description, but there are two issues to check before installing or providing credentials: (1) clarify the required environment variables — SKILL.md and manifest list SERPAPI_API_KEY and GOOGLE_SHEETS_TRACKER_URL while registry metadata claims none, so ask the author which are actually required and why; (2) the skill's runtime says it will 'Update Status to processed' in a connected tracker, which implies write access to spreadsheets. If you don't want it to modify external trackers, supply a read-only CSV or paste the data and avoid granting write-capable Google credentials. Also avoid providing inbox/mail credentials to this skill; delivery should be handled by a separate, explicitly approved sender workflow. Finally, verify the upstream repository (the manifest points to a GitHub URL) before trusting any keys — absence of code-level scan findings here is expected given it's instruction-only and does not guarantee safety.
Latest Release
v1.0.5
Shift public package to draft-first handoff model and remove direct mail auth/runtime instructions
Published by @GEO-SEO on ClawHub