Promarkia – AI Marketing Automation API

Security checks across malware telemetry and agentic risk

Overview

This looks like a straightforward Promarkia API client, but it can let an agent post or publish through linked accounts and schedule recurring marketing tasks, so users should review the authority it grants before enabling it.

Install only if you intentionally want OpenClaw to operate Promarkia. Use a dedicated API key, keep only necessary integrations connected, avoid submitting secrets or sensitive customer data, review content before public posting, and monitor any recurring cron jobs and credit usage.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

A prompt or scheduled task could cause public content to be posted or published through connected accounts and consume Promarkia credits.

Why it was flagged

The skill gives the agent a generic prompt-driven way to trigger Promarkia squads that can create public posts or publish content, without describing a confirmation step or scoped allowlist before those actions.

Skill content

The agent calls `scripts/promarkia_run.py` with `--squad` and `--prompt` arguments. ... `11` | Social Media | Post to LinkedIn, X, Reddit, Facebook, Instagram ... `12` | Copywriting | Research, write, publish articles and blog posts

Recommendation

Use explicit prompts, connect only needed accounts, prefer draft/review workflows, and require human confirmation before posting, publishing, outreach, ads, or CRM changes.

ASI03: Identity and Privilege Abuse
Medium
What this means

If the key or connected integrations are misused, actions may be taken under your linked accounts.

Why it was flagged

The required Promarkia API key works together with OAuth-linked third-party accounts. This is purpose-aligned, but it is privileged delegated access across public and business services.

Skill content

Each platform uses OAuth — you'll be redirected to authorize Promarkia to post on your behalf. ... Social Media Squad: LinkedIn, X/Twitter, Reddit, Facebook, Instagram ... Lead Generation Squad: Apollo, ZoomInfo, Salesforce, HubSpot

Recommendation

Use a dedicated Promarkia API key, connect only the integrations needed, review OAuth scopes in Promarkia and the provider accounts, and revoke access when no longer needed.

ASI10: Rogue Agents
Low
What this means

Recurring jobs may continue posting, auditing, or consuming credits after the original setup is forgotten.

Why it was flagged

The cron examples show user-created recurring automation. It is disclosed, but scheduled jobs can keep running until removed.

Skill content

Schedule recurring tasks using OpenClaw's built-in cron system: ... /cron add --name "Daily LinkedIn Post" --schedule "0 9 * * *"

Recommendation

Audit OpenClaw cron entries regularly, give recurring jobs clear names and end conditions, and remove or pause them when campaigns end.

ASI06: Memory and Context Poisoning
Low
What this means

Sensitive prompts, campaign details, customer lists, or generated outputs may be retained by the provider account.

Why it was flagged

Task prompts and outputs may persist in the Promarkia account and be retrievable later, which is expected but relevant for sensitive marketing, customer, or business data.

Skill content

Results are stored in your Promarkia account and can be retrieved later by run ID

Recommendation

Avoid submitting confidential data unless Promarkia's retention and access controls meet your requirements; review and delete stored runs where appropriate.