v2.0.1

Social Media Automation Skills Registry

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:46 AM.

Analysis

This instruction-only registry asks for sensitive Bolta workspace credentials and appears to include an API key while its registry metadata says no credentials or verified source are declared, so it should be reviewed carefully before installation.

Guidance

Review this skill before installing. Verify the publisher and repository independently, do not rely on the embedded 'verified' claim, do not use any exposed example key, and only provide a least-privilege Bolta API key if you fully trust the source and need the documented social media automation capabilities.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
SKILL.md
`posts:write` Create and update posts; `posts:delete` Delete posts and scheduled content; `content:bulk` Perform bulk content operations; `team:manage_keys` Rotate and manage API keys

The skill documents API scopes that can change or delete public/business content and manage workspace keys. These capabilities are related to social media automation, but they are high-impact.

User impact: If an over-scoped key is used, the agent may have authority to alter scheduled posts, bulk content, approvals, audit exports, or team/key settings.
Recommendation: Use the narrowest role/scope needed for the task, prefer read-only or creator-level access where possible, and require human review for publishing, deletion, bulk changes, and key management.
Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
metadata
Source: unknown; Homepage: none

The registry-level provenance is not established. For a skill that asks for sensitive API credentials, unknown source and missing homepage materially increase installation risk.

User impact: A user may not be able to verify that this credential-requesting registry actually comes from the claimed publisher or repository.
Recommendation: Install only from a verified publisher/source, compare the artifact to the official repository, and avoid entering credentials into skills with unresolved provenance.
Human-Agent Trust Exploitation
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
"verified": true, "sourceRepository": "https://github.com/boltaai/bolta-skills"

The skill self-asserts that it is verified and names an official-looking repository, while the supplied registry metadata says the source is unknown and homepage is none. Such claims can create unwarranted trust.

User impact: Users may be more willing to provide sensitive workspace credentials based on a self-declared verification claim.
Recommendation: Treat embedded verification claims as untrusted unless confirmed by the registry or an independent trusted publisher record.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
"requiredEnvironmentVariables": [{ "name": "BOLTA_API_KEY", "required": true, "sensitive": true, ... }, { "name": "BOLTA_WORKSPACE_ID", "required": true, ... }]

SKILL.md requires a sensitive workspace API key and workspace ID even though the supplied registry requirements list no required env vars and no primary credential. That mismatch under-discloses account authority.

User impact: Installing or following this skill could lead a user to provide a Bolta workspace credential without the registry-level credential contract making that clear.
Recommendation: Do not provide a key unless the source is independently verified. Use a least-privilege key, avoid admin/full-access scopes, and require the registry metadata to accurately declare the credential requirement.
Identity and Privilege Abuse
Severity: High | Confidence: Medium | Status: Concern
SKILL.md
Static scan at SKILL.md:385: "API Key: [REDACTED]"

The scanner reports that the documentation appears to contain a hardcoded API secret or token. A real key embedded in a skill can be abused and indicates unsafe credential handling.

User impact: A leaked API key could allow unauthorized access to the associated Bolta workspace, depending on the key's scopes.
Recommendation: Remove any literal secret from the documentation, rotate/revoke the exposed key, and replace examples with clearly non-secret placeholders.