Social Media Scheduler

Advisory

Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.exposed_secret_literal

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the literal is a live token, anyone with a copy of the package holds a social media account credential and can reuse it for unintended posting or account access.

Why it was flagged

The provided static scan reports a hardcoded token-like literal in a Twitter platform module. A tool that can publish publicly should obtain posting credentials only from user-controlled config or environment, not package code.

Skill content
accessToken: [REDACTED],
Recommendation

Inspect the flagged files before use, remove all literal secrets, rotate any exposed credentials, and require least-privilege user-provided tokens stored outside the packaged code.
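To reproduce the flag locally before trusting the package, a scan for the same kind of signal can be run over each platform module. The following is an added example, not ClawScan's scanner or the skill's code: it reports a line when a credential-like property name is assigned a long, high-entropy string literal, and stays quiet for values read from the environment, for obvious placeholders, and for prose inside help strings. The sample source text is constructed for the example.

```javascript
// Added example: a minimal scan for hardcoded token-like string literals,
// the kind of signal behind a "suspicious.exposed_secret_literal" finding.
// Not ClawScan's scanner or the skill's code; the source text below is
// constructed for the example.

// Property names that usually hold credentials.
const SECRET_KEY = /\b(accessToken|access_token|accessSecret|apiKey|api_key|apiSecret|api_secret|clientSecret|token|secret|password)\b/i;
// A quoted literal of 16+ characters with no whitespace: prose in a string
// (a help message, say) contains spaces and will not match.
const STRING_LITERAL = /(['"`])([^'"`\s]{16,})\1/;
// Obvious placeholders that are not real secrets.
const PLACEHOLDER = /^(your[_-]?|<|\$\{|xxx+|redacted)/i;

function shannonEntropy(value) {
  const counts = new Map();
  for (const ch of value) counts.set(ch, (counts.get(ch) || 0) + 1);
  let bits = 0;
  for (const n of counts.values()) {
    const p = n / value.length;
    bits -= p * Math.log2(p);
  }
  return bits;
}

// Returns one finding per line that names a secret-like key and assigns it a
// high-entropy literal. Placeholders and values loaded from the environment
// (no literal present) are not reported.
function scanSource(file, source) {
  const findings = [];
  source.split('\n').forEach((line, index) => {
    const key = SECRET_KEY.exec(line);
    if (!key) return;
    const literal = STRING_LITERAL.exec(line);
    if (!literal) return;
    const value = literal[2];
    if (PLACEHOLDER.test(value) || shannonEntropy(value) < 3.0) return;
    findings.push({
      file,
      line: index + 1,
      rule: 'suspicious.exposed_secret_literal',
      key: key[1],
      // Never echo the full value into logs or reports.
      preview: `${value.slice(0, 4)}...(${value.length} chars)`,
    });
  });
  return findings;
}

// Constructed sample resembling a platform module; only line 3 carries a
// real-looking literal. The token value is made up.
const SAMPLE_TWITTER_JS = [
  'const client = new TwitterApi({',
  '  appKey: process.env.TWITTER_APP_KEY,',
  "  accessToken: 'f4k3T0k3n-Ab9xQ2Lm7ZpR1cV8wN5yE',",
  '  accessSecret: process.env.TWITTER_ACCESS_SECRET,',
  "  apiKey: 'YOUR_TWITTER_API_KEY_HERE',",
  '});',
  "const help = 'Set accessToken in your config file, never in source';",
].join('\n');

console.log(JSON.stringify(scanSource('scripts/platforms/twitter.js', SAMPLE_TWITTER_JS), null, 2));
```

Run against the four files listed in the findings; a hit at the reported line confirms the scan, and any value that survives the placeholder and entropy filters should be treated as live and rotated, since the package may already have been distributed.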

What this means

The agent may look for or use a local credential file the user did not expect to be part of the skill’s permission boundary.

Why it was flagged

The artifact refers to an existing local credential file even though the registry metadata declares no primary credential or required config path. Reading or relying on local account credentials is high-impact and should be explicitly scoped.

Skill content
We have: Working credentials saved in `.credentials/moltbook.json`
Recommendation

Remove references to pre-existing credentials, declare credential requirements clearly in metadata, and require the user to explicitly provide any Moltbook or social platform credentials.

What this means

Users may over-trust the package’s credential safety and skip the code review that is especially important for a tool with posting-account access.

Why it was flagged

This safety claim is inconsistent with the static scan findings, which report exposed token-like literals in four code files.

Skill content
Security-first design (no API keys in code)
Recommendation

Correct the documentation, verify the flagged code, and do not claim secrets are absent until scans and manual review confirm it.

What this means

A mistaken command, queued item, or credential mix-up could publish unwanted content across multiple services.

Why it was flagged

Posting to many external platforms is the core purpose of the skill, but it is still high-impact mutation authority: a single action can publish public or business content.

Skill content
Schedule posts to multiple social media platforms: Discord, Reddit, Twitter/X, Mastodon, Bluesky, Moltbook, LinkedIn, and Telegram
Recommendation

Use dry runs where available, review queued posts before starting the daemon, and use separate least-privilege credentials for each platform.
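The two recommendations above (credentials only from user-controlled configuration, one least-privilege token per platform) and the dry-run review before starting the daemon can be combined in a small pre-flight check. The following is an added example, not the skill's own code: it reads one token per platform from the environment, enables only platforms that have one, and classifies each queued post as ready or blocked without contacting any service. The variable naming SCHEDULER_<PLATFORM>_TOKEN, the queue item shape and the sample data are assumptions made for the example.

```javascript
// Added example (not the skill's code): credentials come only from the
// environment, one token per platform, and a dry run checks each queued post
// against them without publishing anything. The env var names and the queue
// item shape are assumptions; the sample env and queue are constructed.

const PLATFORMS = ['discord', 'reddit', 'twitter', 'mastodon', 'bluesky', 'moltbook', 'linkedin', 'telegram'];

// One least-privilege token per platform. A platform with no token is simply
// not enabled; nothing is defaulted or shared between platforms.
function loadCredentials(env) {
  const creds = new Map();
  for (const platform of PLATFORMS) {
    const value = env[`SCHEDULER_${platform.toUpperCase()}_TOKEN`];
    if (typeof value === 'string' && value.trim() !== '') creds.set(platform, value.trim());
  }
  return creds;
}

// Classifies each queue item as ready or blocked and says why. Items already
// past their scheduled time are ready but carry a warning, because a daemon
// started now would publish them immediately.
function dryRun(queue, creds, now) {
  const report = { ready: [], blocked: [] };
  for (const item of queue) {
    const problems = [];
    const warnings = [];
    if (!PLATFORMS.includes(item.platform)) problems.push(`unknown platform "${item.platform}"`);
    else if (!creds.has(item.platform)) problems.push(`no credential configured for ${item.platform}`);
    if (typeof item.text !== 'string' || item.text.trim() === '') problems.push('empty post text');
    const when = Date.parse(item.scheduledAt);
    if (Number.isNaN(when)) problems.push(`unparseable scheduledAt "${item.scheduledAt}"`);
    else if (when <= now) warnings.push('overdue: would publish immediately on daemon start');
    const entry = { id: item.id, platform: item.platform, problems, warnings };
    (problems.length ? report.blocked : report.ready).push(entry);
  }
  return report;
}

// Constructed environment: Twitter and Mastodon enabled, Reddit blank.
const SAMPLE_ENV = {
  SCHEDULER_TWITTER_TOKEN: 'twitter-token-from-user-env',
  SCHEDULER_MASTODON_TOKEN: 'mastodon-token-from-user-env',
  SCHEDULER_REDDIT_TOKEN: '   ',
};

// Constructed queue: one clean item, one overdue, one with no credential,
// one malformed.
const SAMPLE_QUEUE = [
  { id: 'p1', platform: 'twitter', text: 'Release notes are up', scheduledAt: '2026-05-11T09:00:00Z' },
  { id: 'p2', platform: 'mastodon', text: 'Same notes, fediverse edition', scheduledAt: '2026-05-09T09:00:00Z' },
  { id: 'p3', platform: 'linkedin', text: 'Hiring post', scheduledAt: '2026-05-12T09:00:00Z' },
  { id: 'p4', platform: 'facebook', text: '', scheduledAt: 'next tuesday' },
];

function sampleReport() {
  const now = Date.parse('2026-05-10T12:00:00Z');
  return dryRun(SAMPLE_QUEUE, loadCredentials(SAMPLE_ENV), now);
}

console.log(JSON.stringify(sampleReport(), null, 2));
```

The point of keeping tokens per platform is containment: a leaked or over-scoped Mastodon token cannot be used to post to Twitter/X, and the dry run surfaces the overdue item that would otherwise go out the moment the daemon starts.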

What this means

Once started, the daemon can publish scheduled posts later without another immediate prompt.

Why it was flagged

The skill documents a scheduler daemon that continues running and posts later. This is expected for scheduling, but users should recognize it as persistent autonomous activity.

Skill content
node scripts/schedule.js daemon
Recommendation

Run the daemon only when needed, monitor the queue, and stop it when you do not want unattended posting.

What this means

Future posts and activity history may remain on disk after use.

Why it was flagged

The skill stores scheduled content and analytics locally. This is purpose-aligned, but drafts, campaign timing, and failure logs may be sensitive.

Skill content
storage/
    ├── queue.json           # Scheduled posts
    └── analytics.json       # Analytics data
Recommendation

Protect the storage directory, avoid putting secrets in post content, and clear queues or analytics when they are no longer needed.

What this means

Without a known source or homepage, users have little basis for trusting the package's origin or its dependency chain.

Why it was flagged

The package provenance is not clearly identified, while the documentation instructs users to run npm install. That is not inherently unsafe, but it reduces confidence in dependency and maintainer review.

Skill content
Source: unknown
Homepage: none
Recommendation

Review package.json, package-lock.json, and npm scripts before installation; prefer pinned, auditable dependencies and a documented source repository.
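The manifest review can be partly automated before running npm install. The following is an added example, not the skill's code: it reads a package.json, flags lifecycle scripts that npm executes during a local install, version ranges that are not pinned to an exact release, dependencies fetched from outside the registry, and a missing repository field. The sample manifest is constructed, and scripts/setup.js is a hypothetical path; package-lock.json and the scripts' contents still need a manual read.

```javascript
// Added example (not the skill's code): a pre-install review of package.json.
// Flags install-time lifecycle scripts, unpinned ranges, non-registry
// dependency sources and a missing repository field. The manifest below is
// constructed and "scripts/setup.js" is a hypothetical path.

// Scripts npm runs during a local `npm install` with no arguments.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];
// Exactly one release, e.g. 3.3.2 or 1.0.0-beta.1; no ^, ~, ranges or tags.
const EXACT_VERSION = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;
// git URLs, GitHub shorthand, http(s) tarballs and local paths bypass the registry.
const NON_REGISTRY = /^(git\+|git:|github:|https?:|file:|[A-Za-z0-9_.-]+\/[A-Za-z0-9_.-]+(#.*)?$)/;

function reviewManifest(manifestJson) {
  const pkg = JSON.parse(manifestJson);
  const issues = [];
  for (const hook of INSTALL_HOOKS) {
    if (pkg.scripts && pkg.scripts[hook]) {
      issues.push({ kind: 'lifecycle-script', detail: `${hook}: ${pkg.scripts[hook]}` });
    }
  }
  for (const field of ['dependencies', 'devDependencies', 'optionalDependencies']) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      if (NON_REGISTRY.test(spec)) issues.push({ kind: 'non-registry', detail: `${name}@${spec}` });
      else if (!EXACT_VERSION.test(spec)) issues.push({ kind: 'unpinned', detail: `${name}@${spec}` });
    }
  }
  if (!pkg.repository) {
    issues.push({ kind: 'no-repository', detail: 'no repository field; source cannot be traced' });
  }
  return issues;
}

// Constructed manifest with one of each problem and one clean dependency.
const SAMPLE_PACKAGE_JSON = JSON.stringify({
  name: 'social-media-scheduler',
  version: '1.0.0',
  scripts: {
    start: 'node scripts/schedule.js daemon',
    postinstall: 'node scripts/setup.js',
  },
  dependencies: {
    'twitter-client': '^1.15.0',
    'node-fetch': '3.3.2',
    'moltbook-client': 'git+https://example.invalid/moltbook-client.git',
  },
});

console.log(reviewManifest(SAMPLE_PACKAGE_JSON));
```

A postinstall hook runs with the installing user's privileges the moment npm install completes, so it deserves the same scrutiny as the platform modules; an unpinned range means the lockfile, not package.json, decides what code actually lands, which is why both files are worth reading.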

Findings (4)

critical

suspicious.exposed_secret_literal

Location
scripts/platforms/mastodon.js:94
Finding
File appears to expose a hardcoded API secret or token.
critical

suspicious.exposed_secret_literal

Location
scripts/platforms/twitter.js:103
Finding
File appears to expose a hardcoded API secret or token.
critical

suspicious.exposed_secret_literal

Location
scripts/test.js:54
Finding
File appears to expose a hardcoded API secret or token.
critical

suspicious.exposed_secret_literal

Location
scripts/upload-media.js:86
Finding
File appears to expose a hardcoded API secret or token.