Security: Sunnylincc/ClawSale

docs/security.md

Security and safety

Trust model

  • Gateway executes only registered skills.
  • Skill I/O is schema-validated with Zod.
  • Workspace data is local-first for explicit control.
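
The first two trust-model points, sketched as an added example (not ClawSale's own code): a gateway that runs only skills found in its registry and validates both the input and the skill's result. The names `Gateway`, `strictStrings` and `draft-intro` are hypothetical, and a small hand-written validator stands in for a Zod schema so the block runs without dependencies.

```typescript
// Added example with hypothetical names; not ClawSale's code.
// Validator stands in for a Zod schema's safeParse() so the block has no dependencies.
type Result<T> = { ok: true; value: T } | { ok: false; error: string };
type Validator<T> = (data: unknown) => Result<T>;
interface Skill<I, O> { input: Validator<I>; output: Validator<O>; run: (input: I) => O }

// Strict object-of-strings check: rejects missing, non-string and unknown keys.
function strictStrings<K extends string>(keys: K[]): Validator<Record<K, string>> {
  return (data) => {
    if (typeof data !== "object" || data === null || Array.isArray(data)) {
      return { ok: false, error: "expected object" };
    }
    const rec = data as Record<string, unknown>;
    const extra = Object.keys(rec).filter((k) => (keys as string[]).indexOf(k) < 0);
    if (extra.length > 0) return { ok: false, error: `unknown key: ${extra[0]}` };
    const out = {} as Record<K, string>;
    for (const k of keys) {
      const v = rec[k];
      if (typeof v !== "string") return { ok: false, error: `${k}: expected string` };
      out[k] = v;
    }
    return { ok: true, value: out };
  };
}

class Gateway {
  private skills = new Map<string, Skill<any, any>>();
  register<I, O>(name: string, skill: Skill<I, O>): void {
    this.skills.set(name, skill);
  }
  execute(name: string, rawInput: unknown): Result<unknown> {
    const skill = this.skills.get(name); // registry lookup only, no dynamic loading
    if (skill === undefined) return { ok: false, error: `unregistered skill: ${name}` };
    const input = skill.input(rawInput);
    if (input.ok === false) return { ok: false, error: `input rejected: ${input.error}` };
    const output = skill.output(skill.run(input.value)); // the skill's result is checked too
    if (output.ok === false) return { ok: false, error: `output rejected: ${output.error}` };
    return output;
  }
}

// Constructed sample skill: drafts text only and sends nothing.
const gateway = new Gateway();
gateway.register("draft-intro", {
  input: strictStrings(["company", "contact"]),
  output: strictStrings(["draft"]),
  run: ({ company, contact }) => ({ draft: `Hi ${contact}, a note about ${company}.` }),
});
```

Validating the output as well as the input means a skill that returns a malformed or over-broad result is stopped at the gateway instead of reaching the caller.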

Skill safety guidance

  • Skills should only use public/provided signals.
  • Do not attempt bypasses for private data.
  • Keep outbound generation human-reviewed.

Local development cautions

  • Workspace project files may contain sensitive sales notes.
  • Add stronger secret management before production deployment.

Data handling boundaries

ClawSale focuses on discovery, enrichment, scoring, and drafting. It intentionally avoids default spam/bulk-send automation.

There aren’t any published security advisories