Skill v1.0.0
ClawScan security
AI Social Media Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious (Mar 15, 2026, 8:20 AM)
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill claims full multi‑platform posting and credentialed integrations but the shipped code only simulates platforms and never uses credentials—ask for clarification before supplying any secrets.
- Guidance: This package appears to be a local/simulated social‑media manager rather than a real connector. Before installing or adding any account secrets:
  1. Do not paste real passwords, cookies, or API keys into TOOLS.md or any file unless the code explicitly reads them.
  2. Inspect the code (platform adapters) for real HTTP calls or SDK usage — currently adapters return mock objects and perform no network I/O.
  3. If you need real posting/analytics, ask the author/maintainer whether and how credentials are consumed; do not assume the README is accurate.
  4. Run the included tests locally in a safe environment to confirm behavior.
  5. If you must supply credentials, prefer creating limited/sandbox/test accounts and revoke them afterward.
  The main issue is coherence and the potential for users to expose secrets unnecessarily, not active malicious behavior.
Review Dimensions
- Purpose & Capability (concern): The name/description promise multi‑platform posting, auto‑publishing, and analytics. The code contains platform adapters and a CLI, but all adapters return mocked/simulated responses and there are no network/API calls or SDK usage. The project documentation also tells users to add platform credentials, yet the runtime does not read environment variables or any credential/config files. This is a functional mismatch: expected external integrations are not implemented.
- Instruction Scope (concern): SKILL.md / README instruct users to add platform account credentials into TOOLS.md and show CLI commands for posting/commenting. However, the runtime instructions and the actual code do not access those credentials or perform real network I/O. The instructions could cause users to store sensitive credentials for no reason; the skill's operational instructions imply capabilities that the code does not implement.
- Install Mechanism (ok): There is no install script or remote download; the package is self‑contained with source files. No external URLs, installers, or extraction steps are present in the manifest—low install risk.
- Credentials (concern): The manifest declares no required environment variables or credentials, but the documentation asks users to place usernames, passwords, cookies, and API keys into TOOLS.md. Requesting or instructing users to provide secrets without the code actually needing them is disproportionate and could lead users to expose credentials unnecessarily.
- Persistence & Privilege (ok): The skill does not request persistent/always inclusion and does not modify other skills or system settings. It is user‑invocable only and has no privileged flags.
