LinkedIn DM

Security checks across malware telemetry and agentic risk

Overview

This skill automates sending LinkedIn messages from your logged-in account and includes workflow choices aimed at avoiding automation detection, so it needs review before use.

Install only if you are comfortable letting the agent operate your logged-in LinkedIn account, send reviewed messages to selected connections, and record outreach details. Pay special attention to the detection-avoidance language and keep volume low, recipient lists explicit, and logging destinations private.

VirusTotal

56/56 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
High
What this means

Your LinkedIn account could send automated outreach in a way that may trigger platform restrictions or violate platform rules, even if the messages are user-approved.

Why it was flagged

The skill is not just automating LinkedIn messaging; it gives explicit workflow guidance to reduce automation detection, including for flagged accounts.

Skill content

Option A — Chrome Relay (recommended for flagged accounts) ... Navigate to feed before every new profile. Jumping directly between profiles is the #1 automation detection trigger.

Recommendation

Use only with a small, reviewed list, understand LinkedIn account-risk implications, and avoid using the detection-avoidance workflow for unsolicited or high-volume outreach.

ASI03: Identity and Privilege Abuse
Medium
What this means

The agent acts through your LinkedIn identity and can send direct messages that recipients will see as coming from you.

Why it was flagged

The skill requires access to the user's logged-in LinkedIn session so it can send messages as that user.

Skill content

Browser is open with LinkedIn logged in

Recommendation

Confirm every batch before sending, keep the recipient list narrow, and monitor the account during use.

ASI06: Memory and Context Poisoning
Medium
What this means

Personal contact details and outreach history may be stored outside LinkedIn in a sheet or local file.

Why it was flagged

The workflow persists contact details, message contents, hooks, and notes to Google Sheets, with a local JSON fallback if Sheets is unavailable.

Skill content

gog sheets append <SHEET_ID> "Outreach!A:L" ... "<Full Name>","<Role/Title>","<Company>","<LinkedIn URL>","<Hook Used>","<Opener Text>","<Pitch Text>" ... Notes field — include useful context: prior conversation history

Recommendation

Use a private sheet with limited sharing, avoid storing unnecessary personal notes, and delete the local progress file when it is no longer needed.

ASI05: Unexpected Code Execution
Low
What this means

If the page state is confusing, the fallback could click a send button based on DOM matching rather than a clearly selected UI reference.

Why it was flagged

The workflow includes an in-page JavaScript fallback to locate and click LinkedIn's Send button when the normal browser automation reference is unavailable.

Skill content

Or use the JS fallback if the Send button ref is not visible: () => { const btns = Array.from(document.querySelectorAll('button')); ... if (btn) { btn.click(); return 'clicked'; } }

Recommendation

Use the normal visible-button flow when possible and verify the correct compose window before allowing any fallback send action.