Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The LinkedIn automation purpose is clear, but the skill asks to use logged-in browser sessions and a LinkedIn session cookie without clear limits on storage, scope, or retention.
Install only if you are comfortable letting the agent access your LinkedIn account. Avoid copying the `li_at` cookie unless absolutely necessary, use an isolated browser profile where possible, explicitly approve every message or connection action, and sign out or clear the session when finished.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If mishandled, the cookie could allow reading or acting as the user on LinkedIn, including messages and network actions.
`li_at` is a LinkedIn session cookie that can authenticate account access. The artifact does not define where it is stored, how long it is retained, what API requests are allowed, or how the user can revoke/clean it up.
extract the `li_at` cookie from browser ... Copy `li_at` value ... Store securely for API requests
Prefer the browser-based workflow over copying cookies. If cookies are used, require explicit user consent, store them only in a defined secure location, limit use to the requested task, and provide deletion/revocation guidance.
A mistaken or insufficiently reviewed action could send unwanted messages or connection requests from the user's LinkedIn account.
The skill can drive LinkedIn UI actions that send messages or connection requests from the user's account. The instructions do require confirmation, so this is purpose-aligned but still high-impact.
Send Message (confirm with user first!) ... Use `browser action=act` with click/type actions ... Never accept/send connection requests without confirmation
Only use this skill interactively, review recipients and message text before approval, and avoid bulk or rapid automation.
LinkedIn may remain accessible to the agent after the initial task unless the user signs out or clears the browser profile/session.
The skill discloses persistent browser login state, which is common for browser automation but means future invocations may still have access to the LinkedIn account.
Log in manually (one-time setup) ... Session persists for future use
Use an isolated browser profile when possible and clear the session when you no longer want the agent to access LinkedIn.
