Itinerary Carousel Post
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill matches its Instagram-carousel purpose, but it would use local account credentials and git/API commands to publish public content without clearly declared credential or approval boundaries.
Install only if you intend to let the agent use the specified Instagram credentials, push and delete files in the tabiji GitHub repo, and publish posts publicly. Before use, verify the helper scripts, repo path, token scope, image rights, final slides, and caption, and require a final manual confirmation before publishing.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If followed, the agent can use stored Instagram credentials to create and publish posts on the account.
The skill instructs the agent to use a local Keychain-stored Instagram access token and account ID, granting account-level publishing authority that is not reflected in the declared requirements.
Keys from macOS Keychain:
- `instagram-access-token` — Graph API token
- `instagram-account-id` — IG user ID (17841449394591017)
Declare the required credential, use a dedicated least-privilege token, avoid putting tokens in logs or URLs where possible, and require explicit user confirmation before any token-backed publish action.
Generated images and captions could be posted publicly to Instagram before the user has reviewed them.
The instructions can be triggered by broad content-creation requests but then direct the agent to perform a raw API publish call, with no required draft review or final approval gate.
Use when asked to create an Instagram post, carousel, or social content... **Publish**:
```bash
curl -s -X POST "https://graph.facebook.com/v21.0/${IG_USER}/media_publish"
```
Make draft generation the default, show the final slides and caption, and require an explicit publish confirmation immediately before calling the Instagram publish endpoint.
The agent may create public GitHub commits and briefly expose generated images online, then delete them with additional git operations.
The workflow propagates generated files into a public GitHub repository before posting them to Instagram, so a bad image, caption, or source choice can affect both the repo and the social account.
Host images publicly — copy slides to tabiji repo (`img/instagram/`), git push, use raw GitHub URLs (`https://raw.githubusercontent.com/psyduckler/tabiji/main/img/instagram/slide-{N}.jpg`).
Use a dedicated staging bucket or branch, confirm the exact repo/path before pushing or deleting, and require user review before public hosting.
The actual photo-finding and overlay behavior depends on other installed components that may differ from what this skill assumes.
The skill depends on other local workflows/scripts that are not included in the provided manifest or install spec, so their behavior and provenance cannot be verified from these artifacts.
Use the `instagram-photo-find` skill workflow... python3 skills/instagram-photo-text-overlay/scripts/overlay.py
Install those helper skills/scripts only from trusted sources, pin or review them, and declare them as dependencies.
