high-intent-lead-sniper Security Report — Low Risk | ClawSafe

10 /100

high-intent-lead-sniper

B2B sales intelligence skill that detects buying signals (funding, hiring, competitor frustration, tech stack changes) and generates personalized outreach

Pure documentation-only skill describing a lead-generation workflow using Apify and InVideo AI external services; no executable code, scripts, or dangerous capabilities present.

Skill Namehigh-intent-lead-sniper

Duration30.8s

Enginepi

✓

Safe to install

Safe to use. Be aware this skill requires external paid services (Apify, InVideo AI) and involves scraping public data — ensure compliance with target platforms' Terms of Service.

Findings 2 items

Severity	Finding	Location
Low	Aggressive marketing language Doc Mismatch The SKILL.md uses hyperbolic marketing claims ('most powerful', 'destroys every competitor') which inflate expectations. This is a documentation quality issue rather than a security concern. `# 💰 High-Intent Lead Sniper — Find Prospects Who Are Ready to Buy RIGHT NOW` → Review marketing claims for accuracy before publishing.	`SKILL.md:1`
Low	External service dependency with affiliate links Supply Chain The skill depends entirely on Apify and InVideo AI third-party services. URLs include affiliate tracking parameters (e.g., ?fpr=dx06p, ?fpr=TBB) which generate revenue for the skill author. `https://www.apify.com?fpr=dx06p` → Be aware of the commercial relationship; costs are incurred per run via these external platforms.	`SKILL.md:5`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`NONE`	—	No file operations in this skill
Network	`READ`	`NONE`	✓ Aligned	Describes external API calls but no network code executed by the skill itself
Shell	`NONE`	`NONE`	—	No shell commands or subprocess calls
Environment	`NONE`	`NONE`	—	No environment variable access
Skill Invoke	`NONE`	`NONE`	—	No skill-to-skill invocation
Clipboard	`NONE`	`NONE`	—	No clipboard access
Browser	`NONE`	`NONE`	—	No browser automation code
Database	`NONE`	`NONE`	—	No database access

3 findings

🔗

Medium External URL 外部 URL

https://www.apify.com?fpr=dx06p

SKILL.md:5

🔗

Medium External URL 外部 URL

https://invideo.sjv.io/TBB

SKILL.md:5

📧

Info Email 邮箱地址

[email protected]

SKILL.md:169

File Tree

1 files · 13.1 KB · 319 lines

Markdown 1f · 319L

└─ 📝 SKILL.md Markdown 319L · 13.1 KB

Security Positives

✓ No executable code present — pure documentation

✓ No credential harvesting, exfiltration, or data theft code

✓ No obfuscation, base64, or anti-analysis techniques

✓ No shell execution, subprocess, or system command calls

✓ No sensitive path access (no ~/.ssh, ~/.aws, .env reads)

✓ No supply chain risk — no dependencies in package.json, requirements.txt, or similar

✓ No persistence mechanisms (no cron jobs, startup hooks, or backdoors)

✓ No prompt injection payloads or hidden instructions

Scan Report

Findings 2 items

File Tree

Security Positives