Social Media Manager
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only social media skill advertises auto-publishing and DM/comment automation without clear approval, account-scope, or credential boundaries.
Treat this as a content drafting and planning guide unless stronger controls are added. Do not connect real social media accounts or allow posting, DM replies, comment moderation, or analytics access unless you can restrict accounts/scopes and require explicit human approval for every external action.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If connected to real social accounts or external tools, the agent could publish posts or send/respond to messages in ways that affect reputation, privacy, or compliance.
These instructions describe automated public posting/cross-posting and automated private-message behavior, but the artifacts do not add explicit human confirmation or account/action limits.
"DM Automation: Automated message responses" and "Scheduling & Publishing ... Auto-publish ... Cross-post"
Use this only as a drafting/planning assistant unless it adds explicit final approval before posting or messaging, scoped platform/account selection, rate limits, audit logs, and cancellation controls.
A user may grant broad social media account access without understanding which accounts, messages, analytics, or posting rights the agent can use.
Publishing and analytics across third-party social platforms normally require delegated account access, but the provided requirements declare no credential contract and the skill does not define OAuth scopes, accounts, or permission boundaries.
"Create, schedule, publish, and analyze content across multiple platforms efficiently."
Require least-privilege platform authorization, clear account selection, explicit disclosure of what data is read and what actions can be taken, and separate draft generation from publish authority.
The skill may not actually provide the API-like functionality it documents, and later-added code would need separate review.
The package declares an index.js entry point, but the supplied manifest contains only package.json and SKILL.md, and the registry/SKILL versions and names do not fully align, making the implementation and provenance ambiguous.
"name":"social-media-manager","version":"1.0.0","main":"index.js"
Keep registry, SKILL.md, and package metadata consistent, and include reviewed implementation files or remove the unused entry point and executable-style examples.
