Social Media Scheduler
Security checks across malware telemetry and agentic risk
Overview
The scheduler’s purpose is clear, but it needs review because its artifacts appear to include hardcoded social-media access tokens and under-declare the credentials/setup it requires.
Review before installing. This tool can publish to real social accounts and appears to include hardcoded token literals despite claiming no API keys are in code. Wait for the maintainer to remove and rotate any exposed credentials, inspect the npm dependencies and scripts, use least-privilege test credentials, and only run the daemon after verifying the scheduled queue.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the tokens are real or active, they could expose or misuse social-media accounts, and users cannot easily tell which account a post might affect.
The static scan reports a hardcoded access token literal in a Twitter platform script; similar exposed-secret findings were reported in Mastodon, test, and media-upload scripts. A scheduler should use the user’s supplied tokens, not ship credentials in executable code.
accessToken: [REDACTED],
Do not install until the maintainer removes hardcoded credentials, rotates any exposed tokens, and verifies that all platform credentials come only from user-controlled config or environment variables.
Users may believe the skill never includes credentials in code and may skip the review needed for a tool that can post publicly.
This safety claim is contradicted by the provided static scan findings for hardcoded token literals, which could cause users to over-trust the skill’s credential handling.
🔒 Security-first design (no API keys in code)
Update the documentation to match the implementation, remove any secrets from the package, and provide clear credential-storage guidance.
Mistyped or unintended commands could publish content, comments, threads, or media to real accounts.
The skill can create posts/comments across many third-party platforms. This is the stated purpose, but it is high-impact authority over public accounts.
Schedule posts to multiple social media platforms: ... Reddit - Posts & comments via OAuth2 ... Twitter/X - Tweets via OAuth 1.0a ... LinkedIn ... Telegram
Use least-privilege tokens, test with private or test destinations first, and require explicit human approval before publishing or bulk scheduling.
Posts may be published later while the daemon is running, possibly after the user has forgotten what was queued.
Starting a daemon means scheduled actions can occur later after the initial command. This is expected for a scheduler but should be visible and user-controlled.
node scripts/schedule.js daemon
Start the daemon only when needed, inspect the queue regularly, and stop/cancel scheduled posts when they are no longer intended.
Users may run a dependency install that was not obvious from the registry metadata.
The documentation asks users to install Node dependencies even though the registry lists no install spec or required binaries. This is normal for a Node tool, but it is under-declared in metadata.
cd skills/social-scheduler
npm install
Inspect package.json and package-lock.json before installing; the publisher should declare the Node/npm setup requirements in the metadata.
