← Back to Skills Marketplace
OpenClaw Email Lead Generation
by
Jeff J Hunter
· GitHub ↗
· v1.0.1
849
Downloads
5
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install openclaw-email-lead-generation
Description
OpenClaw Email Lead Generation — the complete outreach and pipeline system for your agent. Guided setup builds your config, Template Forge creates custom ema...
Usage Guidance
This skill appears internally coherent for local lead management and template generation. Before installing or enabling automation: 1) Review the helper script fully (it enforces sanitization and path checks but has fallbacks that are less strict when jq is missing). 2) If you plan to send/receive email, only provide SMTP/Gmail credentials after you verify where they are stored in config.yaml and that you are comfortable with that storage and access model. 3) Keep auto-send and cron disabled until you test flows with a sandbox lead and 'manual' email mode so no real emails are sent unexpectedly. 4) Confirm how inbox access is implemented (openclaw CLI/browser automation, IMAP, or API) because the SKILL.md refers to reply-reading behavior but the bundled script doesn't contain network/email client code in the excerpt — understand that component before enabling Tier 2/3. 5) Consider running the skill in a limited test environment first and ensure jq/openclaw are installed for safer JSON handling and cron integration.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-email-lead-generation
Version: 1.0.1
The OpenClaw Email Lead Generation skill demonstrates a high degree of security awareness and implements robust defenses against common vulnerabilities. The `SKILL.md` provides explicit, strong security rules for the AI agent, mandating the use of a dedicated `assets/leadgen-helper.sh` script for all file operations and input sanitization. The `leadgen-helper.sh` script itself is well-engineered, featuring comprehensive input sanitization (stripping shell metacharacters, quotes), strict path validation to prevent traversal attacks, and safe JSON manipulation. Credential handling is secure, explicitly forbidding storage of sensitive data in config files and recommending environment variables. Email sending and inbound reply processing include measures like using quoted heredocs for email bodies and HTML stripping for replies, mitigating injection risks. While the 'Template Forge' allows the agent to incorporate user language into templates, the overall security architecture prevents this from leading to malicious execution or data exfiltration by the skill.
Capability Assessment
Purpose & Capability
Name/description match what is present: local pipeline, template generation, scoring, and opt-in cron-driven outreach. Required binaries are standard Unix tools appropriate for the described file and text manipulation. Optional metadata lists SMTP/Gmail credentials and the openclaw CLI which are reasonable for sending/cron features and are declared optional.
Instruction Scope
SKILL.md explicitly restrains all file operations to ~/workspace/leadgen and mandates using the bundled helper script for sanitization and path validation — this is good. The cron/reference docs describe inbox checking and sending behavior, but the included helper script excerpt does not show network/email client code (likely Tier 2/Tier 3 is opt-in). Verify how inbox access and sending are implemented and where credentials are stored before enabling those features. The script and docs also require the agent to execute shell commands via exec — expected but worth noting.
Install Mechanism
Instruction-only skill with included helper script; no remote downloads or installers. No install spec means nothing is fetched from third-party URLs—lowest install risk. The single local script is bundled in the package.
Credentials
No required env vars are declared. Optional env names (SMTP_HOST, SMTP_PORT, SMTP_USER, SMTP_PASS, GMAIL_APP_PASSWORD) are appropriate for an email-sending feature. Before supplying credentials, confirm exactly when and how they will be used and stored (config.yaml location and any encryption/permissions).
Persistence & Privilege
always:false and the skill confines its state to ~/workspace/leadgen. Cron jobs are explicitly opt-in (Tier 3) and the SKILL.md enforces that recurring tasks not be scheduled without explicit user action. The skill does not request system-wide privileges or modifications to other skills.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-email-lead-generation - After installation, invoke the skill by name or use
/openclaw-email-lead-generation - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
🎯 v1.0.1 — "Hardened"
🌍 Timezone configuration — all timestamps, cron jobs, and reports respect user's timezone (setup Q7)
🌍 Casual timezone input mapping — "Pacific" / "PST" / "California" auto-resolves to America/Los_Angeles
📧 Email body written to temp file before send — fixes JSON newline escaping bug
📧 Per-domain hourly rate limits — prevent bulk sends to gmail.com, outlook.com, etc.
📧 Email warmup schedule — ramp from 5→10→20→35→50/day for new sending accounts
📧 Compliance footer — auto-append unsubscribe text ("Reply STOP"), configurable per CAN-SPAM
📋 Central audit log — every send, reply, status change, and admin action logged with timestamps
📋 Audit log auto-prune — configurable retention (default 90 days)
📋 Helper command: `audit-log` for structured event logging
📋 Helper command: `audit-prune` for retention enforcement
🛡️ Inbound HTML stripping — `<script>`, `<style>`, and all HTML tags removed from reply content
🛡️ Link validation — URLs in inbound replies flagged before user clicks
🛡️ Credential security rules — passwords NEVER in config, env vars only, agent warns if user pastes secrets
🛡️ Reply content sanitized before JSON storage — prevents injection via inbound email
🛡️ Helper command: `strip-html` for code-enforced HTML removal
🛡️ Helper command: `write-email-body` for safe temp-file email composition
🛡️ Helper command: `domain-sends-count` for per-domain rate limit checks
🛡️ Helper command: `check-warmup` for warmup volume enforcement
📊 Score decay — optional, configurable: -5 points after 14 days inactive (off by default)
📊 Reply check interval — configurable polling frequency for inbox monitoring (default 30 min)
---
## 🎯 v1.0.0 — "First Contact"
🏗️ 3-tier architecture — Pipeline Tracker → Outreach Engine → Autopilot (each unlocks independently)
🏗️ Guided setup — agent walks you through business profile, email config, and template building
🏗️ File-based JSON storage — no database, no dependencies
📊 9-stage pipeline tracking (new → contacted → responded → qualified → call_booked → closed)
📊 Lead scoring 0-100 with configurable weights (industry, pain signals, engagement, replies)
📊 Pipeline dashboard with funnel counts, hot leads, actions due, and AI recommendations
📊 Bulk import from CSV or pasted lists
📊 Search, filter, archive, restore leads
📧 Template Forge — 5-phase voice interview builds your custom 4-email sequence
📧 4-step sequences with configurable delays (Day 0, 3, 7, 14)
📧 Smart personalization — {{first_name}}, {{company_name}}, {{pain_point}}, and more
📧 3 email methods — manual (zero config), SMTP, or browser-based Gmail/Outlook
📧 Human-in-the-loop — agent drafts, you approve before send
⚡ 🌅 Morning Check cron (9am) — reply scan, sentiment analysis, morning briefing
⚡ 📤 Midday Send cron (12pm) — scheduled follow-ups, rate-limited queue
⚡ 📊 Evening Summary cron (5pm) — daily metrics, tomorrow's action list
⚡ 📈 Weekly Report cron (Mon 8am) — performance trends, template rankings, recommendations
🧠 Sentiment analysis on replies — interested / question / objection / not interested / unsubscribe
🧠 Auto-pause sequences on reply, auto-nurture after completion
🧠 Pipeline intelligence — stale lead alerts, bottleneck detection, template performance
🔒 Rate limiting (daily/hourly/per-message configurable)
🔒 Input sanitization on all user data before exec
🔒 Lead data anonymized in shared channels
🔒 Unsubscribe requests immediately honored
🛡️ Bundled `leadgen-helper.sh` — all file operations routed through code-enforced sanitization (not prompt-based)
🛡️ Path traversal prevention — validated in code, can't escape `~/workspace/leadgen/`
🛡️ Shell injection blocked — metacharacters stripped before any exec, `../../` attacks neutralized
🛡️ JSON validation on every lead/template write (uses `jq` if available, basic checks as fallback)
v1.0.0
🎯 v1.0.0 — "First Contact"
🏗️ 3-tier architecture — Pipeline Tracker → Outreach Engine → Autopilot (each unlocks independently)
🏗️ Guided setup — agent walks you through business profile, email config, and template building
🏗️ File-based JSON storage — no database, no dependencies
📊 9-stage pipeline tracking (new → contacted → responded → qualified → call_booked → closed)
📊 Lead scoring 0-100 with configurable weights (industry, pain signals, engagement, replies)
📊 Pipeline dashboard with funnel counts, hot leads, actions due, and AI recommendations
📊 Bulk import from CSV or pasted lists
📊 Search, filter, archive, restore leads
📧 Template Forge — 5-phase voice interview builds your custom 4-email sequence
📧 4-step sequences with configurable delays (Day 0, 3, 7, 14)
📧 Smart personalization — {{first_name}}, {{company_name}}, {{pain_point}}, and more
📧 3 email methods — manual (zero config), SMTP, or browser-based Gmail/Outlook
📧 Human-in-the-loop — agent drafts, you approve before send
⚡ 🌅 Morning Check cron (9am) — reply scan, sentiment analysis, morning briefing
⚡ 📤 Midday Send cron (12pm) — scheduled follow-ups, rate-limited queue
⚡ 📊 Evening Summary cron (5pm) — daily metrics, tomorrow's action list
⚡ 📈 Weekly Report cron (Mon 8am) — performance trends, template rankings, recommendations
🧠 Sentiment analysis on replies — interested / question / objection / not interested / unsubscribe
🧠 Auto-pause sequences on reply, auto-nurture after completion
🧠 Pipeline intelligence — stale lead alerts, bottleneck detection, template performance
🔒 Rate limiting (daily/hourly/per-message configurable)
🔒 Input sanitization on all user data before exec
🔒 Lead data anonymized in shared channels
🔒 Unsubscribe requests immediately honored
Metadata
Frequently Asked Questions
What is OpenClaw Email Lead Generation?
OpenClaw Email Lead Generation — the complete outreach and pipeline system for your agent. Guided setup builds your config, Template Forge creates custom ema... It is an AI Agent Skill for Claude Code / OpenClaw, with 849 downloads so far.
How do I install OpenClaw Email Lead Generation?
Run "/install openclaw-email-lead-generation" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Email Lead Generation free?
Yes, OpenClaw Email Lead Generation is completely free (open-source). You can download, install and use it at no cost.
Which platforms does OpenClaw Email Lead Generation support?
OpenClaw Email Lead Generation is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Email Lead Generation?
It is built and maintained by Jeff J Hunter (@jeffjhunter); the current version is v1.0.1.
More Skills