Linkedin Video Downloader
PassAudited by ClawScan on May 1, 2026.
Overview
The skill’s code matches its stated purpose of downloading a public LinkedIn video, with no evidence of credential use, persistence, exfiltration, or destructive behavior.
This appears safe for its stated purpose if you trust the included Go source and only use it with public LinkedIn video post URLs. Be aware that it downloads network content into your current directory and that the published source/provenance information is incomplete.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If given a misleading URL, the tool may make a network request outside the user’s intended target.
The CLI fetches a user-provided URL after only a simple substring check for linkedin.com. This is expected for the downloader, but users should ensure the URL is the intended public LinkedIn post.
if !strings.Contains(postURL, "linkedin.com") { ... }
...
req, err := http.NewRequest("GET", pageURL, nil)Use only trusted public LinkedIn post URLs; the maintainer could improve safety by validating the parsed hostname against LinkedIn domains.
A user following the placeholder install commands could be confused about which source repository to trust.
The README contains placeholder installation locations while the registry lists the source as unknown. The included source is visible and simple, but provenance is not well established.
git clone https://github.com/yourusername/linkedin-video-dl.git ... go install github.com/yourusername/linkedin-video-dl@latest
Prefer building the reviewed included source, or require the publisher to provide a real repository/homepage and pinned installation instructions.