LinkedIn Search Posts
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is purpose-aligned for searching LinkedIn posts through Apify, but it uses an Apify token, sends queries to an external actor, and can incur costs if limits are not set.
Install only if you are comfortable using Apify for LinkedIn post searches. Configure the APIFY_API_TOKEN carefully, set explicit result and comment/reaction limits, and review Apify billing and dataset retention before running broad searches.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the skill must provide an Apify token; runs may consume account quota or generate charges.
The skill needs an Apify account token to run the actor, which is expected for this integration but grants access to the user's Apify account and potential billing usage.
Env variable `APIFY_API_TOKEN` must be set (configured in `openclaw.json` under `skills.entries.linkedin-search-posts.env`).
Use a dedicated or least-privileged Apify token where possible, store it only in the configured secret/env mechanism, and monitor Apify usage.
A poorly bounded search could retrieve much more data than intended and increase Apify costs.
The documented options allow broad scraping and billable expansion through reactions/comments. This is disclosed and purpose-aligned, but should be explicitly bounded by the user.
`maxPosts`: nombre max de posts par requête (0 = tout scraper). ... `scrapeReactions`: scraper les réactions ... (facturation). ... `scrapeComments`: scraper les commentaires ... (facturation).
Set explicit `maxPosts`, `maxComments`, and `maxReactions` values, and confirm before using `0 = all` or enabling comments/reactions on large searches.
Search terms and collected LinkedIn results may be processed and stored by Apify/the actor provider.
Search queries and run inputs are sent to an external Apify actor, and results are retrieved from an Apify dataset. This is central to the skill but moves data outside the local agent environment.
curl --request POST --url "https://api.apify.com/v2/acts/harvestapi~linkedin-post-search/runs?token=$APIFY_API_TOKEN" ... "searchQueries": ["<search query>"]
Avoid sensitive or confidential search terms unless Apify's handling and dataset retention are acceptable for your use case.