ClawHub

LinkedIn Autopilot

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed LinkedIn automation skill, but it asks for account credentials and is designed to automate posts, comments, DMs, and connection requests without enforced approval gates.

Install only if you are comfortable giving an agent practical control over your LinkedIn account. Keep actions in dry-run or review mode by default, avoid storing your password in plaintext if possible, disable auto-DM/comment/connect features unless explicitly needed, and do not run unattended schedules for public or private outreach.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill asks users to provide LinkedIn credentials and automates direct messages, connection requests, profile visits, and other account activity, but the description lacks a prominent privacy and account-risk warning. That omission is dangerous because users may not understand the sensitivity of credential handling, the collection of conversation/contact data, or the risk of account restrictions and unintended outreach performed on their behalf.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script is explicitly designed to automate social actions such as liking and commenting on LinkedIn content and to record those actions locally, with no built-in interactive confirmation, approval gate, or per-action review before posting. In the context of a LinkedIn automation skill, this increases the risk of unauthorized or unintended account activity, spammy behavior, reputational harm, and platform policy violations if the script is misconfigured or triggered unexpectedly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal