Openclaw Social Scheduler

Advisory
Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.exposed_secret_literal

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If these literals are live tokens, the package either leaks the publisher's social-media credentials to everyone who installs it or posts under accounts that do not belong to the installing user; either way, whoever holds the token can act as that account. A token that has been committed to a published package should be treated as compromised even if later versions remove it.

Why it was flagged

The static scan reports a hardcoded access token in the Mastodon posting module (scripts/platforms/mastodon.js); similar exposed-secret findings are also reported for the Twitter module, the test script, and the media-upload script.

Skill content
access_token: [REDACTED],
Recommendation

Do not use until all embedded secrets are removed and rotated; require credentials to be supplied by the user through clearly declared config or environment variables.
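The following is an added example and not code from the Openclaw Social Scheduler skill: a minimal detector for the shape of line the static scan flags under suspicious.exposed_secret_literal, beside the environment-based loader the recommendation asks for. The rule's regexes, the helper names (findExposedSecretLiterals, scanFiles, loadRequiredSecret) and the two sample sources are all constructed for illustration; the real scanner's logic is not described on this page.

```javascript
// Added example (not part of the Openclaw Social Scheduler skill): a minimal
// detector for the pattern behind suspicious.exposed_secret_literal, plus the
// environment-based loader the recommendation asks for. Rule regexes and the
// two sample sources below are constructed for illustration.

// Identifiers whose quoted value is almost always a credential.
const SECRET_KEY = /\b(access_token|accessToken|api_key|apiKey|client_secret|clientSecret|webhook_url|webhookUrl|password|token)\b/;

// A quoted literal of 20+ characters drawn from the alphabet tokens normally use.
const QUOTED_LITERAL = /['"`]([A-Za-z0-9_\-.\/+=:]{20,})['"`]/;

// Values that are obviously placeholders rather than live secrets.
const PLACEHOLDER = /^(YOUR_|xxx|REDACTED|example|CHANGEME)/i;

// Scan one file's text and report every line that assigns a secret-looking
// literal to a secret-looking key. A line that reads the value from
// process.env is the fixed form and is not reported.
function findExposedSecretLiterals(filename, source) {
  const hits = [];
  source.split('\n').forEach((line, index) => {
    if (!SECRET_KEY.test(line)) return;
    if (/\bprocess\.env\b/.test(line)) return;
    const match = QUOTED_LITERAL.exec(line);
    if (!match || PLACEHOLDER.test(match[1])) return;
    hits.push({
      rule: 'suspicious.exposed_secret_literal',
      file: filename,
      line: index + 1,
      key: SECRET_KEY.exec(line)[1],
    });
  });
  return hits;
}

// Scan a map of filename -> source text and return all hits.
function scanFiles(files) {
  return Object.entries(files).flatMap(([name, src]) => findExposedSecretLiterals(name, src));
}

// The fix: credentials come from the environment, are required, and are never
// defaulted to a literal in source.
function loadRequiredSecret(env, name) {
  const value = env[name];
  if (typeof value !== 'string' || value.trim() === '') {
    throw new Error(`required secret ${name} is not set; supply it via the environment, not in source`);
  }
  return value.trim();
}

// Constructed sample sources: the flagged shape beside its hardened form.
const SAMPLE_FILES = {
  'example/mastodon-before.js': [
    "const client = createClient({",
    "  baseUrl: 'https://mastodon.example',",
    "  access_token: 'AbCdEfGhIjKlMnOpQrStUvWxYz0123456789',",
    "});",
  ].join('\n'),
  'example/mastodon-after.js': [
    "const client = createClient({",
    "  baseUrl: 'https://mastodon.example',",
    "  access_token: loadRequiredSecret(process.env, 'MASTODON_ACCESS_TOKEN'),",
    "});",
  ].join('\n'),
};

// Stand-alone run: reports the one hit at example/mastodon-before.js:3 and
// nothing for the hardened file.
console.log(scanFiles(SAMPLE_FILES));
```

The detector is deliberately narrow (key name plus long quoted literal on the same line) so it has a low false-positive rate on code like the samples above; a real secret scanner adds entropy checks and per-provider token formats. The loader is the half that matters for the recommendation: it fails closed when the variable is absent instead of silently falling back to a literal in source.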

What this means

Webhook URLs, API keys, scheduled content, or account references could remain on disk and be reused later by the daemon or exposed to other local users/tools.

Why it was flagged

The documented scheduler persists queued jobs so they survive restarts, and its usage examples pass secret-like values (a Discord webhook URL) as command-line arguments to scheduled commands, but the artifacts do not explain where the queue is stored, how those values are protected at rest, or when they are cleaned up.

Skill content
💾 **Persistent queue** (survives restarts) ... social-schedule add discord WEBHOOK_URL "Posted in the future!"
Recommendation

Avoid passing raw secrets on the command line (they land in shell history and are visible to other local users through the process list); use protected config files or environment variables, inspect the queue storage for persisted secrets, and document retention and cleanup behavior.

What this means

A mistaken or unauthorized invocation could post public content, media, comments, or threads from connected accounts.

Why it was flagged

The skill is explicitly designed to publish content across multiple external accounts and can do so automatically after scheduling.

Skill content
Schedule posts to Discord, Reddit, Twitter/X, Mastodon, Bluesky, and Moltbook ... **Automatic posting** via scheduler daemon
Recommendation

Use least-privileged platform tokens, review content before scheduling, and require user approval before any live post or media upload.

What this means

Queued posts are published after the original interaction has ended, for as long as the daemon is left running.

Why it was flagged

The scheduler includes a daemon mode that continues checking and publishing queued posts after the initial command.

Skill content
node scripts/schedule.js daemon
Recommendation

Run the daemon only when intended, monitor the queue with the list/cancel commands, and stop the process when scheduling is no longer needed.
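The following is an added example, not the skill's own scheduler, that ties together the three recommendations above (keep raw secrets out of the persisted queue, require approval before any live post, and let the daemon stop when nothing is pending). It assumes an in-memory `storage` object standing in for the on-disk queue file, a `post(platform, secret, text)` callback standing in for the platform API call, and constructed job data; the function names (createQueue, add, approve, cancel, list, tick, pendingCount, serialize) are hypothetical and do not correspond to the skill's social-schedule commands.

```javascript
// Added example (not the skill's own code): a persistent queue model that stores
// only a *reference* to each secret (an environment-variable name), holds jobs
// until a user approves them, resolves the secret at dispatch time, and tells
// the daemon when nothing is left to do. `storage` stands in for the on-disk
// queue file; all job data and environment values are constructed.

// A secret reference must look like an environment-variable name, so a raw
// webhook URL or token pasted on the command line is rejected before it is persisted.
const SECRET_REF = /^[A-Z][A-Z0-9_]{2,}$/;

function createQueue(storage = { jobs: [] }) {
  function add({ platform, secretRef, text, runAt }) {
    if (typeof secretRef !== 'string' || !SECRET_REF.test(secretRef)) {
      throw new Error(
        `secretRef must name an environment variable (e.g. DISCORD_WEBHOOK_URL), got ${JSON.stringify(secretRef)}`
      );
    }
    const job = { id: storage.jobs.length + 1, platform, secretRef, text, runAt, approved: false, status: 'queued' };
    storage.jobs.push(job);
    return job.id;
  }

  function find(id) {
    const job = storage.jobs.find((j) => j.id === id);
    if (!job) throw new Error(`no job ${id}`);
    return job;
  }

  // Nothing posts until a human has approved the exact text that will go out.
  function approve(id) { find(id).approved = true; }

  function cancel(id) { find(id).status = 'cancelled'; }

  // What a list command shows: no credential material, because none is stored.
  function list() {
    return storage.jobs.map(({ id, platform, secretRef, runAt, approved, status }) =>
      ({ id, platform, secretRef, runAt, approved, status }));
  }

  // One daemon iteration: dispatch every approved, due, still-queued job.
  // The secret is looked up in the daemon's environment and exists only in
  // memory for the duration of the post() call.
  function tick(now, env, post) {
    const dispatched = [];
    for (const job of storage.jobs) {
      if (job.status !== 'queued' || !job.approved || job.runAt > now) continue;
      const secret = env[job.secretRef];
      if (!secret) {
        job.status = 'failed';
        job.error = `${job.secretRef} is not set in the daemon environment`;
        continue;
      }
      post(job.platform, secret, job.text);
      job.status = 'posted';
      dispatched.push(job.id);
    }
    return dispatched;
  }

  // Lets a daemon loop exit instead of running forever once the queue drains.
  function pendingCount() {
    return storage.jobs.filter((j) => j.status === 'queued').length;
  }

  // What actually lands on disk: references and content, never secret values.
  function serialize() { return JSON.stringify(storage); }

  return { add, approve, cancel, list, tick, pendingCount, serialize };
}

// Stand-alone demo with a constructed environment and a stub poster.
const demoEnv = { DISCORD_WEBHOOK_URL: 'https://discord.example/api/webhooks/1/s3cr3t-token' };
const demo = createQueue();
const demoId = demo.add({ platform: 'discord', secretRef: 'DISCORD_WEBHOOK_URL', text: 'Posted in the future!', runAt: 100 });
demo.approve(demoId);
console.log(demo.tick(200, demoEnv, (p, s, t) => console.log(`[${p}] ${t}`)), demo.serialize());
```

A daemon built on this loops `while (queue.pendingCount() > 0) { queue.tick(Date.now(), process.env, post); sleep(...) }` and exits on its own, which is the practical form of "stop the process when scheduling is no longer needed". Because the persisted file only ever contains variable names, inspecting the queue storage answers the retention question directly: there is nothing sensitive to clean up.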

What this means

Users may install and run dependencies that were not surfaced in the registry metadata.

Why it was flagged

The skill relies on Node/npm dependencies even though the registry install metadata does not declare an install spec or required binaries.

Skill content
cd skills/social-scheduler
npm install
Recommendation

Install from a trusted source, review package.json/package-lock.json, and ensure Node/npm setup is explicitly declared before publication.

Findings (4)

critical
suspicious.exposed_secret_literal
Location
scripts/platforms/mastodon.js:94
Finding
File appears to expose a hardcoded API secret or token.

critical
suspicious.exposed_secret_literal
Location
scripts/platforms/twitter.js:103
Finding
File appears to expose a hardcoded API secret or token.

critical
suspicious.exposed_secret_literal
Location
scripts/test.js:49
Finding
File appears to expose a hardcoded API secret or token.

critical
suspicious.exposed_secret_literal
Location
scripts/upload-media.js:86
Finding
File appears to expose a hardcoded API secret or token.