ClawHub

LinkedIn Automation by Linked API

Security checks across malware telemetry and agentic risk

Overview

This skill is for real LinkedIn automation and is mostly coherent, but it gives an agent broad live account authority without enough consent and credential-handling guardrails.

Install only if you intentionally want an agent to operate a real LinkedIn account through Linked API. Verify the npm package and provider, avoid pasting tokens into chat or logs, understand how to revoke access, and require explicit approval before any message, InMail, connection change, post, comment, reaction, reset, or custom workflow run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The skill exposes `linkedin workflow run`, which accepts workflow definitions from a file, stdin, or inline JSON and points users to an external workflow schema. That materially broadens the capability surface beyond the documented fixed LinkedIn actions, enabling arbitrary higher-level automation through an opaque workflow engine that the agent may not be able to reason about or constrain safely.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The authentication section instructs users to provide Linked API and identification tokens and includes account setup/reset operations, but it does not warn that these are sensitive credentials or that reset commands can remove account configuration. In an agent setting, missing warnings increase the chance that users disclose secrets in chat or approve destructive account actions without understanding the consequences.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill supports sending messages, InMails, connection requests, posts, reactions, and comments on the user's behalf without clearly warning that these actions are externally visible and may contact third parties. In an autonomous-agent context, omission of consent and privacy warnings makes accidental spam, reputational harm, and unintended outreach more likely.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal