LinkedIn Inbox Manager
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is purpose-aligned for LinkedIn inbox automation, but it uses broad browser-control permissions, an authenticated LinkedIn session, scheduled monitoring, and Discord-based approvals in ways users should carefully review before installing.
Install only if you are comfortable giving the agent browser-level access to your LinkedIn inbox. Prefer a dedicated browser profile, a private approval channel, per-message confirmations, narrow scheduled scanning windows, and regular cleanup of screenshots, JSON captures, and memory logs.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may be able to view and operate the user's browser-backed LinkedIn account, including private messages, under the user's identity.
The skill depends on broad OS-level UI permissions and the user's existing authenticated LinkedIn browser session, while the registry declares no primary credential or capability requirement.
- Screen Recording + Accessibility permissions granted - LinkedIn logged in via browser (Chrome recommended) - Clawdbot with browser capability
Use a dedicated browser/profile if possible, review macOS Accessibility and Screen Recording permissions, and only enable this if you are comfortable delegating LinkedIn inbox access.
A mistaken invocation, misread approval, or compromised workflow could send messages from the user's LinkedIn account.
The helper script directly types and sends a LinkedIn message through browser automation; it does not itself enforce the SKILL.md approval rule.
peekaboo type "$MESSAGE_TEXT" --app "Google Chrome" ... peekaboo press return --app "Google Chrome"
Require explicit per-message confirmation in a trusted channel, avoid bulk commands such as 'send all', and consider keeping sending manual while using the skill only for draft preparation.
Private LinkedIn message details may be shared into Discord, and anyone with access to the approval channel could potentially influence whether replies are sent.
The workflow posts LinkedIn message previews and draft replies to a Discord channel and treats channel reactions or replies as approval, without describing approver identity checks or channel privacy requirements.
"channel": "discord", "target": "#linkedin" ... React ✅ to send, ❌ to skip, or reply with edits.
Use a private, access-controlled channel and require the agent to verify that approvals come only from the account owner before sending or archiving anything.
After setup, the agent may continue checking LinkedIn and posting summaries on a schedule until the user disables the schedule.
The skill explicitly supports recurring scheduled scans through cron or HEARTBEAT.md. This is disclosed and purpose-aligned, but it creates ongoing autonomous monitoring.
Via Cron (Recommended) ... "text": "Scan LinkedIn inbox and post any new messages to #linkedin with draft replies"
Set narrow active hours, document how to stop the cron/heartbeat job, and periodically verify that monitoring is still desired.
LinkedIn activity, message context, and communication patterns could persist in agent memory or logs longer than the user expects.
The skill recommends persistent logging of LinkedIn-related activity into memory. That is useful for auditability, but retention and content boundaries are not specified.
Log everything - Record all actions in daily memory file
Define what gets logged, avoid storing full message contents unless necessary, and regularly clean up screenshots, JSON captures, and daily memory files.
Users may grant powerful local automation permissions to a dependency that is not represented in the registry requirements.
The skill relies on an external CLI installed outside the skill package, while the registry requirements list no required binaries. This appears purpose-aligned but under-declared.
macOS with Peekaboo CLI installed (`brew install steipete/tap/peekaboo`)
Install Peekaboo only from its expected source, keep it updated, and verify the skill's declared requirements before use.