storyagent_linkedin
Pass
Audited by ClawScan on May 10, 2026.
Overview
This skill appears to be a straightforward Unipile/LinkedIn CLI integration, but using it can read private LinkedIn data and perform visible actions like sending messages or posting from your account.
Install only if you intend to let the agent operate your LinkedIn account through Unipile. Treat the Unipile token like a password, confirm all message/post/invitation text before sending, and use the smallest data queries needed for the task.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent with this token-enabled skill could potentially read LinkedIn account data and perform LinkedIn actions through the connected account.
The skill needs a delegated Unipile token that can access the user's connected LinkedIn account. This is expected for the stated purpose, but it is sensitive account authority.
`UNIPILE_ACCESS_TOKEN` - Your Unipile access token
Store the token securely, use the least-privileged Unipile access available, verify the target account_id before use, and revoke the token if you stop using the skill.
A mistaken or overly broad instruction could send an unintended message, invitation, comment, reaction, or post from the user's LinkedIn account.
The script exposes write actions that can message people, send connection invitations, and create public LinkedIn posts. These actions match the stated purpose, but they can affect the user's reputation and account state.
`client.messaging.sendMessage({ ... }); ... client.users.sendInvitation({ ... }); ... client.users.createPost({ ... });`
Before using send, start-chat, invite, create-post, comment, or react, require explicit user confirmation of the exact recipient, target post, and final text.
Private LinkedIn conversations, profile information, and connection data may be shown to the agent and may appear in local logs or conversation history depending on the runtime.
The skill can retrieve LinkedIn chats, messages, profiles, and connections into the agent's output/context. This is purpose-aligned, but the retrieved content may be private or sensitive.
`./scripts/linkedin.mjs messages <chat_id> [--limit=N]` # List messages in chat
Only request the minimum needed LinkedIn data, avoid pulling sensitive chats unless necessary, and redact or avoid sharing confidential message contents.
Installing or updating dependencies may execute third-party package code that is outside the reviewed skill script.
The skill relies on external npm packages, including the Unipile SDK. This is expected for the integration, and a package-lock is present, but package.json uses version ranges and the registry metadata provides no install spec.
`"dependencies": { "dotenv": "^17.2.4", "unipile-node-sdk": "^1.9.3" }`
Install with the provided lockfile where possible, review dependency provenance, and avoid unreviewed dependency updates in sensitive environments.
