ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Linkedin Pipedream

Post to LinkedIn, comment, like, search organizations, and manage profiles via Pipedream OAuth integration.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 1.5k · 3 current installs · 4 all-time installs
by@G9Pedro
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (LinkedIn via Pipedream) match the declared binary dependency (pdauth), the SKILL.md instructions (pdauth connect/status/call), and the included workaround script which calls Pipedream actions. Dependency on pdauth is expected for this functionality.
Instruction Scope
Most runtime instructions stick to the stated purpose (connect via OAuth, call Pipedream tools to post/comment/like/search). However the included org-post.mjs script reads the user's ~/.config/pdauth/config.json (clientId/clientSecret/projectId) and uses the Pipedream SDK to run an action directly as a workaround. That file access is within the domain of using pdauth but is not explicitly called out as a sensitive operation in the main metadata, so users should be aware the skill will read local auth configuration.
Install Mechanism
There is no external download or remote URL; the skill depends on the pdauth skill/CLI which is coherent. The org-post.mjs file imports '@pipedream/sdk' and requires Node to run, but the skill metadata does not declare Node/npm or that package as an install step — that is a minor coherence gap (the script will fail unless the runtime provides @pipedream/sdk or the user installs it).
!
Credentials
The skill declares no required environment variables, but the included script reads ~/.config/pdauth/config.json which contains clientId, clientSecret, and projectId (sensitive credentials). Reading those local secrets is explainable by the workaround, but the metadata does not declare access to those secrets. Users should expect the skill to access their pdauth config (client credentials and project info).
Persistence & Privilege
always is false and the skill does not request elevated or permanent placement. It does not modify other skills or global agent settings. Autonomous invocation is allowed (default) but not combined with other high-risk factors.
Assessment
This skill appears to do what it says (use Pipedream/pdauth to interact with LinkedIn), but review a few things before installing: - The included Node script (org-post.mjs) reads ~/.config/pdauth/config.json and will access clientId/clientSecret/projectId stored by pdauth — these are sensitive credentials. Only install if you trust the skill owner and understand that the script uses your local pdauth credentials. - The script imports '@pipedream/sdk' and expects Node to be available; the skill metadata doesn't declare Node/npm or that package as an install step. If you plan to use the workaround, ensure you have Node and the @pipedream/sdk dependency installed or run the commands through the pdauth CLI instead. - Check the hard-coded defaults (default orgId, userId, authProvisionId) in org-post.mjs — they may not match your accounts; inspect and edit the script if needed. - Prefer using the pdauth CLI flows (connect/status/call) when possible because they avoid the skill reading your local client secret; use the script only if you understand and accept the local credential access. If you want higher assurance, ask the publisher for: (a) a signed source or canonical repository, (b) an explicit install step for Node/@pipedream/sdk, and (c) confirmation that the script will not transmit credentials to any endpoint other than Pipedream's official API.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk970gmgagqx1vc32shewx578w180h9bh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💼 Clawdis
Binspdauth

SKILL.md

LinkedIn via Pipedream — Post, Comment & Engage

Full LinkedIn automation using Pipedream's OAuth infrastructure. Post as yourself or your organization, comment on posts, search companies, and more.

Prerequisites

  1. pdauth CLI installed and configured — see pdauth skill
  2. LinkedIn account connected via OAuth

Quick Start

# 1. Connect LinkedIn (generates OAuth link for user to click)
pdauth connect linkedin --user telegram:5439689035

# 2. After user authorizes, verify connection
pdauth status --user telegram:5439689035

# 3. Post to LinkedIn
pdauth call linkedin.linkedin-create-text-post-user \
  --user telegram:5439689035 \
  --args '{"instruction": "Create a post: Excited to announce our new product launch! 🚀"}'

OAuth Flow

# Generate OAuth link
pdauth connect linkedin --user USER_ID

# Share with user: "Click to authorize LinkedIn: <link>"
# User clicks → authorizes via LinkedIn → done

# Verify connection
pdauth status --user USER_ID

User ID convention: Use telegram:<user_id> format for Telegram users.

Available Tools (19 total)

✅ Working via MCP (pdauth call)

ToolPurpose
linkedin-create-text-post-userPost as personal account
linkedin-create-image-post-userPost with image (personal)
linkedin-create-commentComment on any post
linkedin-create-like-on-shareLike a post
linkedin-search-organizationSearch for companies
linkedin-get-current-member-profileGet your own profile
linkedin-get-member-profileGet any member's profile
linkedin-get-org-member-accessCheck org admin status
linkedin-retrieve-comments-sharesGet comments on a post
linkedin-delete-postDelete your post

⚠️ Broken via MCP (requires workaround)

ToolIssueWorkaround
linkedin-create-text-post-organization"tool name too long" bugUse direct SDK call
linkedin-create-image-post-organizationSame bugUse direct SDK call

Tool Reference

1. Create Personal Post

pdauth call linkedin.linkedin-create-text-post-user \
  --user telegram:5439689035 \
  --args '{"instruction": "Create a post: Your post content here. Use emojis 🎉 and hashtags #AI #Tech"}'

Tips:

  • Keep posts under 3000 characters
  • Emojis increase engagement
  • Use line breaks for readability

2. Create Image Post (Personal)

pdauth call linkedin.linkedin-create-image-post-user \
  --user telegram:5439689035 \
  --args '{"instruction": "Create image post with text: Check out our new office! Image URL: https://example.com/image.jpg"}'

3. Comment on a Post

# Comment using post URN
pdauth call linkedin.linkedin-create-comment \
  --user telegram:5439689035 \
  --args '{"instruction": "Comment on urn:li:share:7293123456789012480 with text: Great insights! Thanks for sharing."}'

Finding post URNs:

  • From LinkedIn URL: linkedin.com/posts/username_activity-7293123456789012480 → URN is urn:li:share:7293123456789012480
  • Or use linkedin-retrieve-comments-shares on known posts

4. Like a Post

pdauth call linkedin.linkedin-create-like-on-share \
  --user telegram:5439689035 \
  --args '{"instruction": "Like the post urn:li:share:7293123456789012480"}'

5. Search Organizations

pdauth call linkedin.linkedin-search-organization \
  --user telegram:5439689035 \
  --args '{"instruction": "Search for companies matching: artificial intelligence startups"}'

6. Get Your Profile

pdauth call linkedin.linkedin-get-current-member-profile \
  --user telegram:5439689035 \
  --args '{"instruction": "Get my LinkedIn profile"}'

Returns: name, headline, URN, vanity name, etc.

7. Get Member Profile

pdauth call linkedin.linkedin-get-member-profile \
  --user telegram:5439689035 \
  --args '{"instruction": "Get profile for member URN urn:li:person:30_5n7bx7f"}'

8. Check Organization Admin Access

pdauth call linkedin.linkedin-get-org-member-access \
  --user telegram:5439689035 \
  --args '{"instruction": "Check my access level for organization 105382747"}'

Returns: ADMINISTRATOR, MEMBER, or NONE

9. Get Comments on a Post

pdauth call linkedin.linkedin-retrieve-comments-shares \
  --user telegram:5439689035 \
  --args '{"instruction": "Get comments for post urn:li:share:7293123456789012480"}'

10. Delete a Post

pdauth call linkedin.linkedin-delete-post \
  --user telegram:5439689035 \
  --args '{"instruction": "Delete post urn:li:share:7293123456789012480"}'

Organization Posting (Workaround Required)

The Bug

linkedin-create-text-post-organization fails via MCP with:

Error: tool name too long

This is a Pipedream MCP bug, not a LinkedIn API issue.

Workaround: Direct SDK Call

Create a Node.js script to post as organization:

// org-post.mjs
import { PipedreamClient } from '@pipedream/sdk';

const client = new PipedreamClient({
  projectEnvironment: 'development',
  clientId: 'YOUR_CLIENT_ID',      // from ~/.config/pdauth/config.json
  clientSecret: 'YOUR_CLIENT_SECRET',
  projectId: 'YOUR_PROJECT_ID',
});

async function postAsOrg(orgId, text) {
  const result = await client.actions.run({
    id: 'linkedin-create-text-post-organization',
    externalUserId: 'telegram:5439689035',
    configuredProps: {
      linkedin: { authProvisionId: 'apn_4vhLGx4' },  // LinkedIn account ID
      organizationId: orgId,
      text: text,
    },
  });
  console.log('Posted!', result);
}

// Example usage
postAsOrg('105382747', 'Hello from Versatly! 🚀');

Run with:

node org-post.mjs

Known Organization IDs

OrganizationIDURN
Versatly105382747urn:li:organization:105382747

Key Reference Values

Pedro's LinkedIn Info

ItemValue
Member URNurn:li:person:30_5n7bx7f
User ID (Pipedream)telegram:5439689035
Auth Provision IDapn_4vhLGx4
Admin ofVersatly (org 105382747)

URN Formats

TypeFormatExample
Personurn:li:person:IDurn:li:person:30_5n7bx7f
Organizationurn:li:organization:IDurn:li:organization:105382747
Post/Shareurn:li:share:IDurn:li:share:7293123456789012480
Commenturn:li:comment:(urn:li:share:ID,ID)Complex nested URN

Common Patterns

Pattern 1: Post and Verify

# Post
pdauth call linkedin.linkedin-create-text-post-user \
  --user telegram:5439689035 \
  --args '{"instruction": "Create post: Just shipped a new feature! 🎉"}'

# The response includes the post URN - save it for later

Pattern 2: Engage with Content

# Find posts to engage with (manual: get URN from LinkedIn URL)
# Like the post
pdauth call linkedin.linkedin-create-like-on-share \
  --user telegram:5439689035 \
  --args '{"instruction": "Like post urn:li:share:7293123456789012480"}'

# Comment
pdauth call linkedin.linkedin-create-comment \
  --user telegram:5439689035 \
  --args '{"instruction": "Comment on urn:li:share:7293123456789012480: Congrats on the launch!"}'

Pattern 3: Research a Company

# Search for the company
pdauth call linkedin.linkedin-search-organization \
  --user telegram:5439689035 \
  --args '{"instruction": "Search for OpenAI"}'

# Check if you have admin access (for orgs you manage)
pdauth call linkedin.linkedin-get-org-member-access \
  --user telegram:5439689035 \
  --args '{"instruction": "Check access for organization 12345678"}'

Error Handling

Common Errors

ErrorCauseSolution
App not connectedNo LinkedIn OAuthRun pdauth connect linkedin --user USER_ID
tool name too longMCP bug for org toolsUse direct SDK workaround
403 ForbiddenNo permission for actionCheck org admin status
Invalid URNMalformed URN formatUse correct format: urn:li:type:id
Rate limitedToo many API callsWait and retry (LinkedIn limits ~100 calls/day)

Checking Connection Status

# Quick status check
pdauth status --user telegram:5439689035

# JSON output for parsing
pdauth status --user telegram:5439689035 --json

Reconnecting

If OAuth expires or breaks:

pdauth disconnect linkedin --user telegram:5439689035
pdauth connect linkedin --user telegram:5439689035
# Share new link with user

Best Practices

  1. Rate Limits: LinkedIn is strict. Space out bulk operations.
  2. Content Quality: LinkedIn penalizes spammy content. Write thoughtfully.
  3. Org Posting: Always verify admin access before attempting org posts.
  4. URN Handling: Always validate URN format before API calls.
  5. Error Recovery: If a post fails, check status before retrying (may have succeeded).

Example Workflow: Complete LinkedIn Campaign

# 1. Verify connection
pdauth status --user telegram:5439689035

# 2. Check org admin status
pdauth call linkedin.linkedin-get-org-member-access \
  --user telegram:5439689035 \
  --args '{"instruction": "Check access for organization 105382747"}'

# 3. Post personal announcement
pdauth call linkedin.linkedin-create-text-post-user \
  --user telegram:5439689035 \
  --args '{"instruction": "Create post: Thrilled to share that Versatly just launched our new AI assistant! 🤖 #AI #Startup"}'

# 4. Post as organization (use SDK workaround)
# → Run org-post.mjs script

# 5. Engage with relevant industry posts
pdauth call linkedin.linkedin-create-comment \
  --user telegram:5439689035 \
  --args '{"instruction": "Comment on urn:li:share:XXXXX: Great perspective on AI safety!"}'

Files & Configuration

FilePurpose
~/.config/pdauth/config.jsonPipedream credentials
~/.openclaw/workspace/pdauth/pdauth CLI source
~/.openclaw/workspace/skills/pdauth/SKILL.mdpdauth skill reference

See Also

  • pdauth skill — OAuth management for all Pipedream apps
  • Pipedream MCP — Browse all available integrations
  • LinkedIn API Docs — Official API reference

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…