LinkedIn DM

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using this could send automated outreach at scale from the user's LinkedIn account and may trigger account restrictions, reputation harm, or recipient complaints.

Why it was flagged

The workflow combines browser-driven LinkedIn message sending with explicit instructions to avoid an automation-detection trigger, which is materially riskier than ordinary browser automation.

Skill content

Navigate to feed before every new profile. Jumping directly between profiles is the #1 automation detection trigger ... Send Message 1 ... Send Message 2.

Recommendation

Remove anti-detection guidance, add explicit campaign size and rate limits, require clear recipient/batch approval, and stop on any LinkedIn warning rather than optimizing around detection.

What this means

The agent can act through the user's authenticated LinkedIn session to read profiles and send DMs, and can write outreach records through an authenticated Google Sheets setup.

Why it was flagged

The skill relies on active LinkedIn and Google account sessions, even though the registry metadata declares no primary credential.

Skill content

Option A — Chrome Browser Relay (`profile="chrome"`): extension attached to LinkedIn tab ... Option B — OpenClaw Isolated Browser ... LinkedIn logged in ... Confirm `gog` is authenticated (`gog auth list`).

Recommendation

Declare LinkedIn browser-session access and Google Sheets authentication as sensitive requirements, and require the user to confirm which account and sheet are being used before any action.

What this means

Anyone with access to the sheet or local progress file could see connection details, campaign messages, and relationship notes.

Why it was flagged

The CRM logging stores personal contact details, message text, relationship hooks, and possibly prior conversation history in a persistent sheet or local fallback file.

Skill content

gog sheets append <SHEET_ID> "Outreach!A:L" ... "<Full Name>","<Role/Title>","<Company>","<LinkedIn URL>","<Hook Used>","<Opener Text>","<Pitch Text>" ... Notes field — include useful context: prior conversation history

Recommendation

Use a private user-owned sheet, limit sharing, avoid recording sensitive conversation history, and delete local progress files when they are no longer needed.

What this means

Recipients may perceive automated campaign outreach as a more personal one-to-one message, which can affect trust and the sender's reputation.

Why it was flagged

The skill intentionally makes AI-generated outreach feel like a personal human message before delivering a pitch.

Skill content

Opener lands first — they see it before the pitch, feels more personal ... Mirrors how a human would actually message a connection

Recommendation

Keep messages honest, avoid implying a relationship that does not exist, and have the user review the full batch for accuracy and tone before sending.

What this means

If the wrong compose bubble is active, a fallback click could send a message to the wrong conversation.

Why it was flagged

The workflow includes a raw JavaScript fallback that clicks a LinkedIn Send button when the normal browser reference is not visible.

Skill content

Or use the JS fallback if the Send button ref is not visible: `const btns = Array.from(document.querySelectorAll('button')); ... if (btn) { btn.click(); return 'clicked'; }`

Recommendation

Prefer explicit UI element references and require a snapshot confirmation of the recipient and message before using any JavaScript fallback.