Back to skill

Security audit

PostNitro

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed PostNitro workflow for creating and scheduling social posts, with expected API-key and publishing risks but no artifact-backed deception or hidden persistence.

Install only if you trust PostNitro and are comfortable giving its CLI an API key and authority to draft or publish to connected social accounts. Prefer DRAFT for uncertain runs, confirm account IDs and scheduled times before using SCHEDULED, protect or clear the saved API key on shared machines, and treat disconnect/delete commands as potentially disruptive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The description says to use the skill whenever the user wants to create a carousel, repurpose content, or automate and schedule social media posts. This trigger scope is broad and lacks exclusion conditions or narrower activation constraints, increasing the chance of unintended invocation for general social-media help requests.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This markdown file describes `postnitro auth set-key <key>` and explicitly says it saves the key to `~/.postnitro-cli/config.json`, but it does not include any warning about local credential storage, file permissions, or the sensitivity of the API key. Because markdown files should warn about behaviors affecting user privacy or system integrity, documenting secret persistence without disclosure is a meaningful omission.

Missing User Warnings

Low
Confidence
88% confidence
Finding
The reference shows `postnitro social disconnect <id> --yes` and labels it `# destructive`, but it does not explain the impact on the connected social account or whether the action is reversible. For markdown documentation, destructive operations that may affect user data or integrations should include a clearer warning so users understand the consequence before invoking the command.

Missing User Warnings

Low
Confidence
91% confidence
Finding
The documentation lists `postnitro schedule delete <id> --yes` without any explicit warning about permanence, loss of scheduled content, or whether recovery is possible. Since this markdown file documents a destructive operation affecting user data, it should disclose the deletion risk more clearly.

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: postnitro
description: Create on-brand social media carousels and schedule them to LinkedIn, Instagram, TikTok, and Threads from a single command. Turn a topic, article, or X thread into a finished multi-slide post — or import your own slides — then publish or draft it automatically. Fully scriptable (JSON in, JSON out), so an AI agent can run the entire create-to-schedule workflow. Use this skill whenever the user wants to create a carousel, slide post, or multi-slide content, repurpose an article, blog post, or X thread into slides, or automate and schedule social media posts. Requires a PostNitro API key.
homepage: https://postnitro.ai
metadata: {"openclaw":{"emoji":"🎠","primaryEnv":"POSTNITRO_API_KEY","requires":{"bins":[],"env":["POSTNITRO_API_KEY"]}}}
---
Confidence
60% confidence
Finding
Create on-brand social media carousels and schedule them to LinkedIn, Instagram, TikTok, and Threads from a single command. Turn a topic, article, or X thread into a finished multi-slide post — or imp

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.