Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Linkedin - automation

v1.0.1

LinkedIn automation — post (with image upload), comment (with @mentions), edit/delete comments, repost, read feed, analytics, like monitoring, engagement tracking, and content calendar with approval workflow. Uses Playwright with persistent browser profile. Use for any LinkedIn task including content strategy, scheduled publishing, engagement analysis, and audience growth.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (LinkedIn automation) matches the code: Playwright-based browser automation for posting, commenting, scraping, analytics and a content-calendar webhook. However there are some unexpected or specific choices — e.g., defaults and comments that reference particular people ('Andreas Kulpa') and server paths (/var/www/preview) that are not explained by the stated purpose.
Instruction Scope
Runtime instructions ask you to provide a persistent Chromium profile (i.e., an active LinkedIn session) and to run a local webhook service. The code performs read/write of local files, scans other profiles (scrape/activity/analytics/feed), and can auto-apply edits via the webhook — despite the SKILL.md warning against scraping/commercial use. The webhook serves JSON with CORS='*' (although bound to 127.0.0.1 by default). These behaviors expand scope beyond simple read-only analytics and require care.
Install Mechanism
No automated install spec is included (instruction-only), but the code requires Playwright (requirements.txt) and manual setup (pip install/playwright install chromium). This is expected for a Playwright-based tool; risk is moderate because Playwright downloads browsers and runs local automation.
Credentials
Registry metadata lists no required env vars, but SKILL.md and the code use multiple env vars (LINKEDIN_BROWSER_PROFILE, LINKEDIN_DEBUG, LINKEDIN_LIKES_STATE, CC_DATA_FILE, CC_ACTIONS_FILE, CC_WEBHOOK_PORT, CC_WAKE_FILE, LINKEDIN_VENV_PACKAGES). The skill needs access to a persistent browser profile (which implicitly gives it your logged-in LinkedIn session). That is expected for the purpose, but it is a high-privilege artifact and should be isolated; the mismatch between declared and actually used env vars is misleading.
Persistence & Privilege
The skill is not always-included and does not request elevated platform flags, but it persists state to disk (~/.linkedin-likes-state.json, ~/.linkedin-style.json), writes webhook data files, and the default data file path (/var/www/preview/cc-data.json) could expose content if that directory is web-served. It also suggests running the webhook as a systemd service and auto-posting via cron — these increase persistent presence and blast radius if misconfigured.
What to consider before installing
This skill is functionally coherent with LinkedIn browser automation but contains multiple risky defaults and undocumented assumptions. Before installing or running it:
1) Review and change default file paths (avoid /var/www/preview; set data and actions files to a safe user-owned directory).
2) Run the automation with a dedicated Chromium profile created only for automation (do not point it at a browser profile that contains other accounts or unrelated cookies).
3) Keep the webhook bound to localhost and do not port-forward it; if you must expose it, add authentication and remove CORS '*' first.
4) Audit the code for any automatic actions — the webhook will auto-apply simple edits and the skill supports cron auto-posting; ensure you understand and disable any automatic posting or auto-apply behavior unless you explicitly want it.
5) Note the hardcoded/person-specific logic (e.g., name filtering) and adjust or remove it.
6) Run the tool in an isolated environment (VM/container) until you are confident it behaves as expected.
If you are uncomfortable with any of these steps or do not understand how to isolate a browser profile, avoid installing or running the skill.
