LinkedIn Poster
PassAudited by ClawScan on May 1, 2026.
Overview
This is a straightforward LinkedIn posting skill; it can publish public posts using a configured LinkedIn token, but that behavior is disclosed and the instructions require owner approval.
Before installing, make sure you are comfortable giving the configured LinkedIn channel permission to publish posts. Review and explicitly approve the final text and any media before posting, and keep the LinkedIn OAuth token protected.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used incorrectly, the agent could publish unwanted text or media to the authenticated user's public LinkedIn feed.
The skill documents use of the message tool to publish to LinkedIn, which is a high-impact public posting action even though it is central to the skill's purpose.
message send --channel linkedin --text "Your post content here"
Only approve posts after reviewing the final text, attached media, target account, and whether the post should be public.
Anyone or any agent flow that can use this configured channel may be able to publish to the linked LinkedIn account.
The skill requires a LinkedIn OAuth token with permission to post on behalf of the user; this is expected for a posting skill but is sensitive delegated authority.
`accessToken`: OAuth 2.0 token with `w_member_social` scope
Use the least-privileged LinkedIn token available, keep the token protected, and revoke or rotate it if access is no longer needed.
A selected local image could be uploaded and made visible in a public LinkedIn post.
The skill can attach local or remote images to posts. This is purpose-aligned, but local media could unintentionally reveal private or sensitive content if not reviewed.
Supported image sources: - Local file paths: `/Users/david/image.png` - `file://` URLs: `file:///Users/david/image.png` - Remote URLs: `https://example.com/image.png`
Review every attached image and file path before approving the post.