LinkedIn automation via browser relay or cookies for messaging, profile viewing, and network actions.
⭐ 34· 11.6k·98 current·102 all-time
byB*T@biostartechnology
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description match the instructions: browser relay or session cookie use for messaging, profile viewing, and network actions is consistent with LinkedIn automation. However, the skill references a sensitive credential (li_at cookie) and session attachment mechanisms but does not declare any required credential or primaryEnv — an omission that reduces transparency.
Instruction Scope
SKILL.md instructs the agent/operator to attach to a logged-in Chrome session via a browser-relay extension or to extract the li_at cookie from DevTools and store it for API requests. Those instructions explicitly enable reading and acting as the user's LinkedIn account (viewing messages, sending messages/requests). While it advises confirming messages, the guidance gives the agent/skill the ability to access sensitive account data and perform account actions; there are no strict limits in the instructions preventing reading/exporting data or automated exfiltration.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so it does not write code to disk or pull external artifacts. That lowers installation risk, but the runtime risk comes from the described browser-relay and cookie usage rather than from install behavior.
Credentials
The skill describes using/storing the LinkedIn session cookie (li_at), which is effectively a credential granting full account access. Yet the registry metadata lists no required env vars or primary credential. That mismatch (describing credential usage but not declaring it) is a transparency/privilege concern. A user-provided li_at value would be disproportionate relative to a simple helper unless the user fully understands and accepts the account-level access they are granting.
Persistence & Privilege
always:false (default) and normal autonomous invocation are used. Autonomous invocation combined with access to a browser session or a stored li_at cookie increases blast radius (the agent could read/send messages or perform network actions). The skill does include safety guidance (confirm before messaging, rate limits), but those are advisory and not enforcement mechanisms.
What to consider before installing
This skill will attach to a logged-in browser session or ask you to extract your LinkedIn session cookie (li_at). That cookie grants full control of the account (read/send messages, connect/disconnect) — treat it as highly sensitive. Before installing: (1) do not paste li_at into untrusted UIs; prefer using a temporary browser-relay session and watch actions live; (2) verify the origin/author of any browser extension or relay tool you use; (3) only allow the skill to run interactively and require explicit confirmation for any send/connection action; (4) avoid storing li_at persistently and rotate your password/cookie if you suspect misuse; (5) if you need stronger safety, test on a throwaway account first or decline cookie-based mode. If you want, ask the publisher to declare a formal primary credential field and to document how the browser-relay handles user consent and audit logging.Like a lobster shell, security has layers — review code before you run it.
latestvk972ppwp0ercb1ecdwfhv9mqcs7ztsyx
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
💼 Clawdis