Social Growth Ops
v1.0.0Plans, drafts, and schedules social media content (posts, reels, threads) with strict anti-spam and safety rules. Use when the user asks for a content calend...
⭐ 0· 81·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the instructions: task is content calendar, drafts, safety checks, and n8n handoff. The skill requests no unrelated binaries, env vars, or config paths — all required inputs are user-provided content/brand parameters, which is appropriate.
Instruction Scope
Instructions are narrowly scoped to drafting, safety checks, and producing scheduling payloads for workflow runners. Strong guardrails require an explicit user confirmation token (CONFIRM SOCIAL POST) before posting. One minor scope note: it allows the agent to 'ask (or infer from history)' for brand voice inputs — inferring from conversation history gives the agent broader discretion to use prior context; if you want to limit that, instruct the agent to ask instead of inferring.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low risk because nothing is written to disk and no external packages are pulled.
Credentials
The skill requires no environment variables, credentials, or config paths. That is proportionate to its stated purpose of producing drafts and handoff payloads. It explicitly forbids revealing secrets and forbids auto-actions without confirmation.
Persistence & Privilege
always:false (normal). disable-model-invocation:false (default autonomous invocation allowed) — this is the platform default and not a problem by itself, but remember autonomous invocation increases blast radius if the skill were later modified or combined with credentials.
Assessment
This skill appears coherent and low-risk: it drafts content, runs safety checks, and emits scheduling payloads but does not auto-post without the explicit 'CONFIRM SOCIAL POST' token. Before installing, confirm you are comfortable with the agent using conversation history to infer brand inputs (or instruct it to always ask). Because the skill's source/homepage is unknown, avoid providing account credentials or API tokens to the skill itself — instead keep posting credentials in your workflow runner (n8n) and only hand the agent draft IDs and publishing instructions after manual review. If you plan to wire this to automation, verify the produced n8n payloads offline and test idempotency behavior in a safe environment before granting posting rights.Like a lobster shell, security has layers — review code before you run it.
latestvk978qdwx14cdqpdq3t2yq7229s83d4yh
License
MIT-0
Free to use, modify, and redistribute. No attribution required.