Postiz is a tool to schedule social media and chat posts to 28+ channels: X, LinkedIn, LinkedIn Page, Reddit, Instagram, Facebook Page, Threads, YouTube, Google My Business, TikTok, Pinterest, Dribbble, Discord, Slack, Kick, Twitch, Mastodon, Bluesky, Lemmy, Farcaster, Telegram, Nostr, VK, Medium, Dev.to, Hashnode, WordPress, ListMonk.
Security checks across malware telemetry and agentic risk
Overview
This skill appears to do what it claims, but it gives an agent broad ability to publish, schedule, upload media for, and delete posts across connected social accounts without explicit approval guardrails.
Use this only if you want an agent to help operate Postiz. Before allowing create, delete, connect, or upload commands, ask the agent to show the exact content, platforms, integration IDs, schedule, and consequences, and prefer draft/test posts until you are confident.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could publish, schedule, upload media for, or delete content from your connected social channels if it misinterprets a request or acts too broadly.
The skill exposes broad Postiz CLI execution and documents commands that can create and delete posts on connected social accounts, without an explicit approval or preview requirement before high-impact public actions.
| **allowed-tools** | Bash(postiz:*) |
...
postiz posts:create ...
# Delete post
postiz posts:delete <post-id>
Only install if you are comfortable with agent-assisted social posting. Require the agent to show the exact post, target integrations, schedule time, and deletion target before running create/delete commands; consider using drafts by default.
Anyone or any agent process that can use these credentials may be able to act on your Postiz-connected accounts.
The skill requires Postiz API/OAuth credentials and stores OAuth credentials locally; this is expected for Postiz but gives access to connected social media integrations.
Required env ... ["POSTIZ_API_URL", "POSTIZ_API_KEY"] ... Credentials are stored in `~/.postiz/credentials.json`. OAuth2 credentials take priority over API key.
Use the least-privileged Postiz credential available, protect `~/.postiz/credentials.json`, avoid sharing API keys in chat, and revoke credentials when no longer needed.
You are trusting the external npm package with local execution and Postiz credentials.
The skill is instruction-only and tells users to install a global external npm CLI package; this is central to the purpose, but the package code itself was not included in the reviewed artifacts.
npm install -g postiz
# or
pnpm install -g postiz
Install from the official package/repository, pin a known version where possible, and consider testing in an isolated environment before giving it real credentials.
