Social Posting
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's prose describes storing user OAuth credentials, database integration, and several environment secrets, but the registry metadata declares no required env vars or config. This mismatch and the omitted deployment requirements warrant caution.
This skill claims to manage OAuth credentials, encrypt them, and persist post history, but the published metadata does not list the corresponding environment variables, database configuration, or storage requirements. Before installing:
1) ask the publisher to provide complete, accurate requirements (which env vars, where credentials are stored, and what DB/config is needed);
2) verify and trust the external provider domains (api.postforme.dev, getlate.dev) and the owner;
3) do not supply sensitive keys or DB credentials until you confirm the storage model and encryption details (who has access to ENCRYPTION_KEY, where the data is hosted);
4) prefer skills that explicitly declare required env vars and config paths and that document where per-user credentials are stored and how they can be deleted.
If the author cannot clarify these gaps, treat the skill as risky and avoid connecting real social accounts or secrets.
Static analysis
Static analysis findings are pending for this release.
VirusTotal
No VirusTotal findings for this skill version.
Risk analysis
No visible risk-analysis findings were reported for this release.
