Powerpost
PassAudited by ClawScan on May 1, 2026.
Overview
PowerPost is a coherent social-publishing integration, but it can use a PowerPost API key to upload content and publish publicly across connected social accounts, so users should install it only if they want that authority.
Install this skill if you want your agent to help create and possibly publish social content through PowerPost. Prefer a draft-only API key until you are comfortable with the workflow, review every draft and target platform before approving publication, and avoid uploading sensitive files or private URLs.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a read_write key is configured, the agent can publish through the user's PowerPost workspace after the documented approval step.
The skill may use a delegated API key with authority to publish to the user's connected social accounts; the lower-privilege draft-only option is also documented.
`read_write` — full access, including publishing. ... `read_draft` — can generate content and create drafts, but publishing is blocked
Use a read_draft key unless you intentionally want the agent to publish, and limit connected accounts/workspaces to the ones you want the agent to access.
A confirmed publish action can create public posts and consume PowerPost credits.
The skill's workflow includes high-impact API actions, but it explicitly requires user review and confirmation before publishing.
**Publish** the post to connected social platforms. ... Always show the user what will be published and get confirmation before calling the publish endpoint.
Review the generated draft, target platforms, media, and expected credit use before approving any publish action.
Files, text, media, and other post inputs may leave the local environment and be processed by PowerPost.
User-provided media and content are sent to the PowerPost service; the destination is disclosed and purpose-aligned.
All requests go to: `https://powerpost.ai/api/v1` ... `POST https://powerpost.ai/api/v1/media/upload` ... `-F "file=@/path/to/file"`
Do not provide sensitive files, private URLs, or confidential marketing material unless you are comfortable sending them to PowerPost.
A mistaken or inappropriate post could appear on several connected social platforms at once.
A single approved action can distribute content across multiple public channels, which is the intended feature but increases blast radius.
publishes to every account you've connected ... Works with Instagram, TikTok, X, YouTube, Facebook, LinkedIn
Use draft-first mode for important accounts, verify the selected platforms, and keep the connected-account list narrowly scoped.