Social Media Scheduler
Verdict: Warn
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent social posting scheduler, but it handles powerful account credentials and the provided artifacts show token-like secrets in code plus undeclared local credential handling.
Do not install or run this until you inspect the flagged code files, remove and rotate any real secrets, and confirm all credentials are user-provided. If you use it, create least-privilege platform tokens, review queued and bulk posts carefully, keep the dashboard local, and stop the daemon when you do not want unattended posting.
Findings (7)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the token is real, it could expose or reuse a social media account credential and enable unintended posting or account access.
The provided static scan reports a hardcoded token-like literal in a Twitter platform module. A tool that can publish publicly should obtain posting credentials only from user-controlled config or environment, not package code.
accessToken: [REDACTED],
Inspect the flagged files before use, remove all literal secrets, rotate any exposed credentials, and require least-privilege user-provided tokens stored outside the packaged code.
The agent may look for or use a local credential file the user did not expect to be part of the skill’s permission boundary.
The artifact refers to an existing local credential file even though the registry metadata declares no primary credential or required config path. Reading or relying on local account credentials is high-impact and should be explicitly scoped.
We have: Working credentials saved in `.credentials/moltbook.json`
Remove references to pre-existing credentials, declare credential requirements clearly in metadata, and require the user to explicitly provide any Moltbook or social platform credentials.
Users may over-trust the package’s credential safety and skip the code review that is especially important for a tool with posting-account access.
This safety claim is inconsistent with the provided static scan findings that report exposed token-like literals in multiple code files.
Security-first design (no API keys in code)
Correct the documentation, verify the flagged code, and do not claim secrets are absent until scans and manual review confirm it.
A mistaken command, queued item, or credential mix-up could publish unwanted content across multiple services.
Posting to many external platforms is the core purpose, but it is still high-impact mutation authority because it can publish public or business content.
Schedule posts to multiple social media platforms: Discord, Reddit, Twitter/X, Mastodon, Bluesky, Moltbook, LinkedIn, and Telegram
Use dry runs where available, review queued posts before starting the daemon, and use separate least-privilege credentials for each platform.
Once started, the daemon can publish scheduled posts later without another immediate prompt.
The skill documents a scheduler daemon that continues running and posts later. This is expected for scheduling, but users should recognize it as persistent autonomous activity.
node scripts/schedule.js daemon
Run the daemon only when needed, monitor the queue, and stop it when you do not want unattended posting.
Future posts and activity history may remain on disk after use.
The skill stores scheduled content and analytics locally. This is purpose-aligned, but drafts, campaign timing, and failure logs may be sensitive.
storage/
├── queue.json      # Scheduled posts
└── analytics.json  # Analytics data
Protect the storage directory, avoid putting secrets in post content, and clear queues or analytics when they are no longer needed.
Users have less context for trusting the package source and dependency chain.
The package provenance is not clearly identified, while the documentation instructs users to run npm install. That is not inherently unsafe, but it reduces confidence in dependency and maintainer review.
Source: unknown
Homepage: none
Review package.json, package-lock.json, and npm scripts before installation; prefer pinned, auditable dependencies and a documented source repository.
