PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: linkedin Version: 1.0.0 The skill bundle is designed for LinkedIn automation using a browser tool, providing instructions for common actions like viewing profiles, messages, and searching. It includes explicit safety rules for the AI agent, such as requiring user approval before sending messages or connection requests. While it mentions how a user could manually extract a session cookie (`li_at`) for advanced API requests, it does not instruct the agent to perform any unauthorized cookie extraction, exfiltration, or other malicious actions. All instructions are aligned with the stated purpose and lack high-risk behaviors.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If mishandled, the cookie could allow reading or acting as the user on LinkedIn, including messages and network actions.
`li_at` is a LinkedIn session cookie that can authenticate account access. The artifact does not define where it is stored, how long it is retained, what API requests are allowed, or how the user can revoke/clean it up.
extract the `li_at` cookie from browser ... Copy `li_at` value ... Store securely for API requests
Prefer the browser-based workflow over copying cookies. If cookies are used, require explicit user consent, store them only in a defined secure location, limit use to the requested task, and provide deletion/revocation guidance.
A mistaken or insufficiently reviewed action could send unwanted messages or connection requests from the user's LinkedIn account.
The skill can drive LinkedIn UI actions that send messages or connection requests from the user's account. The instructions do require confirmation, so this is purpose-aligned but still high-impact.
Send Message (confirm with user first!) ... Use `browser action=act` with click/type actions ... Never accept/send connection requests without confirmation
Only use this skill interactively, review recipients and message text before approval, and avoid bulk or rapid automation.
LinkedIn may remain accessible to the agent after the initial task unless the user signs out or clears the browser profile/session.
The skill discloses persistent browser login state, which is common for browser automation but means future invocations may still have access to the LinkedIn account.
Log in manually (one-time setup) ... Session persists for future use
Use an isolated browser profile when possible and clear the session when you no longer want the agent to access LinkedIn.