v1.0.0

Linkedin Pipedream

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:19 AM.

Analysis

This LinkedIn integration is purpose-aligned, but it can publish or delete LinkedIn content and includes a helper script that reads local Pipedream credentials while using hardcoded account and organization identifiers.

Guidance: Install only if you are comfortable giving the agent LinkedIn publishing and deletion authority. Before use, replace or remove the hardcoded Telegram user, organization ID, and auth provision ID, verify the Pipedream credentials being read, and require manual approval for every public LinkedIn action.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
Full LinkedIn automation using Pipedream's OAuth infrastructure. Post as yourself or your organization, comment on posts... `linkedin-delete-post` | Delete your post

The skill explicitly enables public LinkedIn actions, including posting, commenting, liking, organization posting, and deletion, but the shown instructions do not require explicit user confirmation before these high-impact actions.

User impact: An agent using this skill could accidentally or prematurely publish, engage with, or delete LinkedIn content, affecting a personal profile or company page.
Recommendation: Require an explicit user approval step for every post, comment, like, organization post, or deletion, and show the exact account, organization, target post, and final text before execution.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
org-post.mjs
import { PipedreamClient } from '@pipedream/sdk';

The included runnable helper depends on an external SDK, but the supplied artifacts do not include a package manifest, lockfile, version pin, or install spec for that dependency.

User impact: A user who runs the helper may need to install an unpinned dependency separately, which adds provenance and version uncertainty.
Recommendation: Provide a package manifest and lockfile with a pinned @pipedream/sdk version, or document a verified installation method.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High; Confidence: High; Status: Concern
org-post.mjs
const configPath = join(homedir(), '.config', 'pdauth', 'config.json');
const config = JSON.parse(readFileSync(configPath, 'utf-8'));
const DEFAULTS = {
  userId: 'telegram:5439689035',
  orgId: '105382747',
  authProvisionId: 'apn_4vhLGx4'
};

The helper reads local Pipedream credentials and defaults to a specific external user, organization, and LinkedIn auth provision ID, while the registry declares no primary credential or required config path.

User impact: If run as-is, the helper may attempt to act through an unintended Pipedream/LinkedIn identity or organization and uses local credential material that users may not realize the skill needs.
Recommendation: Remove hardcoded identity defaults, require the user to supply or confirm the external user, organization ID, and auth provision ID, and declare the pdauth config credential requirement clearly in metadata.