ClawHub

LinkedIn CLI

PassAudited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill Name: linkedin-cli Version: 1.0.0 The skill is classified as benign. It transparently declares its need for sensitive LinkedIn session cookies (`LINKEDIN_LI_AT`, `LINKEDIN_JSESSIONID`) in `SKILL.md` and `scripts/lk.py`. The Python script uses these cookies solely to interact with the LinkedIn API via the `linkedin-api` library for its stated purpose (profile search, feed summary, messages). There is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, prompt injection attempts against the agent, or obfuscation. The behavior is clearly aligned with the stated purpose.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note
ASI03: Identity and Privilege Abuse
What this means

If the environment variables are exposed or the command is run in an unintended context, someone could potentially reuse the LinkedIn session cookies to access the account.

Why it was flagged

The code uses LinkedIn browser session cookies as account credentials. This is disclosed and matches the skill purpose, but these cookies are sensitive and may grant broader account access than the read-only CLI actions shown.

Skill content
li_at = os.environ.get("LINKEDIN_LI_AT")
jsessionid = os.environ.get("LINKEDIN_JSESSIONID")
...
jar.set("li_at", li_at, domain=".www.linkedin.com")
jar.set("JSESSIONID", jsessionid, domain=".www.linkedin.com")
...
return Linkedin("", "", cookies=jar)
Recommendation

Only use this in a trusted local environment, avoid sharing logs or shells that contain the cookies, and revoke the session by logging out of LinkedIn if the cookies may have been exposed.

Note
ASI04: Agentic Supply Chain Vulnerabilities
What this means

A compromised or unexpected version of the dependency could receive the LinkedIn session cookies used by this tool.

Why it was flagged

The dependency is installed manually without a pinned version. This is normal for a simple CLI, but the dependency is part of the credential-handling path and should be trusted.

Skill content
Requires the `linkedin-api` Python package:
```bash
pip install linkedin-api
```
Recommendation

Install the dependency from a trusted package source, consider pinning a known-good version, and use an isolated Python environment.