Postiz is a tool to schedule social media and chat posts to 28+ channels: X, LinkedIn, LinkedIn Page, Reddit, Instagram, Facebook Page, Threads, YouTube, Google My Business, TikTok, Pinterest, Dribbble, Discord, Slack, Kick, Twitch, Mastodon, Bluesky, Lemmy, Farcaster, Telegram, Nostr, VK, Medium, Dev.to, Hashnode, WordPress, ListMonk
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This skill is coherently about Postiz social media automation, but it gives an agent broad ability to publish and delete posts across many connected accounts without clear approval boundaries.
Install only if you want your agent to manage Postiz-connected social accounts. Before use, configure credentials carefully, verify the external npm package, and require manual approval for posting, deleting, media uploads, and multi-platform campaigns.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could schedule or delete social media/chat content on connected accounts if it decides those commands fit the task.
The skill permits the agent to run any Postiz CLI command and documents commands that create and delete posts, but it does not add explicit approval gates for those high-impact actions.
| **allowed-tools** | Bash(postiz:*) | ... postiz posts:create ... postiz posts:delete <post-id>
Only install for agents you trust with your social accounts, and require explicit user approval before any posts:create, posts:delete, upload, or integration-trigger command.
One bad instruction or generated post could be published across multiple public channels at once.
The documented workflow supports publishing the same content to multiple integrations in one command, increasing the blast radius of a mistaken or unintended action.
postiz posts:create -c "Content" -s "2024-12-31T12:00:00Z" -i "twitter-id,linkedin-id,facebook-id"
Use draft mode or per-platform review before multi-platform publishing, and avoid autonomous bulk posting.
Anyone or any agent with access to those credentials may be able to act through your Postiz-connected accounts.
The skill discloses persistent OAuth credential storage and API-key authentication, which are expected for Postiz but grant delegated access to connected accounts.
Credentials are stored in `~/.postiz/credentials.json`. OAuth2 credentials take priority over API key.
Use least-privilege Postiz/API credentials where possible, protect the credential file, and run `postiz auth:logout` when access is no longer needed.
Your local behavior depends on the npm package you install, not just the instruction-only skill text reviewed here.
The skill relies on a globally installed external npm package, while the reviewed skill package itself contains no executable code for inspection.
npm install -g postiz # or pnpm install -g postiz
Verify the npm package source and version before installing, and prefer pinned or trusted package versions in controlled environments.
