lead-research-assistant

This skill's stated purpose (B2B lead research, building ICPs, company and LinkedIn-based contact discovery, scoring, and exporting) aligns with its documented capabilities. There is no evidence of backdoors, credential harvesting code, obfuscation, or direct malicious network endpoints in the provided skill text. Primary risks are operational and policy: (1) explicit encouragement of scraping LinkedIn via search-engine queries enables large-scale harvesting of personal data and may violate LinkedIn's terms and privacy laws; (2) persistent local storage of extracted data can leak sensitive information if run in insecure/shared environments; and (3) rate-limiting and legal/privacy compliance are left to implementers, which could lead to misuse. Overall this appears functionally legitimate for lead generation but poses moderate privacy/abuse risk in practice and should be used with legal and operational safeguards (rate limiting, consent checks, secure storage, and compliance with platform terms and data-protection laws).