Linkedin Content

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill

Name: linkedin-content

Version: 0.1.5

The skill uses `curl -fsSL https://cli.inference.sh | sh` in SKILL.md to install a CLI tool. This method is a significant supply chain vulnerability, as it executes remote code directly without prior inspection. While the stated intent is benign (installing `infsh`), this practice introduces a critical RCE risk if the `inference.sh` domain or server were compromised, so the skill is classified as suspicious due to this high-risk vulnerability.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used incautiously, the agent could run inference.sh apps beyond drafting and potentially publish content to a connected account.

Why it was flagged

The skill grants a wildcard inference.sh command capability and includes a public-posting command, without scoping the app runner or requiring explicit approval before account-changing actions.

Skill content

allowed-tools: Bash(infsh *) ... infsh app run x/post-create --input '{ "text": "Your cross-posted version here" }'

Recommendation

Restrict the tool permission to specific read/search or draft-generation commands, remove the X posting command unless cross-posting is a declared feature, and require explicit user confirmation before any public post.

What this means

A connected account could be used for actions beyond LinkedIn drafting, including publishing to X.

Why it was flagged

The instructions involve logging in to a provider CLI and using a posting app, which implies delegated account authority that is not clearly bounded in the skill description or requirements.

Skill content

curl -fsSL https://cli.inference.sh | sh && infsh login ... infsh app run x/post-create

Recommendation

Declare the credential/account requirements clearly, specify which accounts may be used, and require user approval for any action that posts or changes third-party account data.

What this means

Users would be trusting an external install script and binary distribution before using the skill's CLI workflow.

Why it was flagged

The skill documents a remote CLI install path. It is disclosed and includes a checksum-verification claim, but the install script itself is outside the provided artifact set.

Skill content

curl -fsSL https://cli.inference.sh | sh && infsh login ... downloads the matching binary from `dist.inference.sh`, and verifies its SHA-256 checksum

Recommendation

Prefer the manual install and checksum verification path, and ensure the registry metadata declares the CLI dependency if it is required.