Skill v1.0.0

ClawScan security

Multi-Platform Social Media Scheduler · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 26, 2026, 12:27 PM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill's documentation describes full multi-platform scheduling (which requires many platform credentials and API access), but the package declares no credentials, no install steps, and provides no authentication or endpoint details — that's an important mismatch you should clarify before installing or using it.
Guidance
Before installing or using this skill, ask the publisher for clear answers about authentication and data flows:
1) How does the skill authenticate to each platform? (OAuth flows, API keys, or browser automation?)
2) Which environment variables or credentials are required and where are they stored? Are tokens encrypted at rest?
3) What network endpoints will the skill call (official APIs only, or third-party proxies)?
4) Will the skill ever ask you to paste credentials or tokens into chat? (Never paste long-lived secrets into chat.)
5) Is there audited source code, a homepage, or a privacy/security policy and a way to review the implementation?
6) If you must test, do so with least-privilege/test accounts and monitor network activity.
Do not provide production platform credentials or master account tokens until you get explicit, documented authentication details and storage guarantees.

Review Dimensions

Purpose & Capability
Rating: concern
The skill claims to schedule and post to many third-party platforms (Twitter/X, Instagram, TikTok, YouTube, LinkedIn, Facebook, Pinterest, Reddit, etc.). Those capabilities normally require platform-specific API keys, OAuth flows, or browser automation. The skill declares no required environment variables, primary credential, or config paths — this is inconsistent with the stated purpose and suggests missing/incomplete implementation or hidden out-of-band instructions.
Instruction Scope
Rating: note
The SKILL.md provides detailed scheduling workflows, templates, and examples but contains no explicit runtime instructions for authenticating to platforms, where tokens should come from, or which endpoints will be used. It does not appear to instruct reading arbitrary user files or secrets, but the omission of authentication details is an important gap.
Install Mechanism
Rating: ok
This is an instruction-only skill with no install spec and no code files, so nothing will be written to disk by an installer. That lowers exposure from supply-chain installs, but does not address the missing authentication/endpoint details.
Credentials
Rating: concern
For multi-platform posting, one would expect required env vars or declared credentials (API keys, OAuth client IDs/secrets, refresh tokens). The skill requests none. This is disproportionate: either it cannot actually perform the claimed integrations, or it expects you to provide credentials interactively (which the SKILL.md does not document). Both possibilities are risky without clarity.
Persistence & Privilege
Rating: ok
The skill does not request persistent 'always' inclusion, does not declare config-path access, and is user-invocable only. There is no evidence it modifies other skills or system settings.