LinkedIn Skill

Warn. Audited by ClawScan on May 10, 2026.

Overview

The skill’s LinkedIn automation purpose is clear, but it can use third-party tokens to message, connect, and post from a LinkedIn account through an unreviewed CLI without visible approval limits.

Install only if you trust Linked API and the npm CLI. Before providing tokens, verify how credentials are stored and revoked, and require manual approval for every outgoing message, connection action, post, reaction, or comment.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent could send messages, change connections, or publish/react/comment from the user's LinkedIn account in ways that affect reputation or trigger account enforcement.

Why it was flagged

These are high-impact LinkedIn account actions. In the provided visible instructions, they are presented as normal tool operations without clear approval, preview, or scoping requirements.

Skill content

send messages and InMails, manage connections, create posts, react, comment

Recommendation

Require explicit user confirmation for every mutating action, show the exact recipient/content before sending or posting, and add clear rate, audience, and rollback/cleanup guidance.

What this means

Anyone or anything with access to those configured tokens may be able to perform LinkedIn actions through the connected account, depending on the provider's controls.

Why it was flagged

The skill asks the user to delegate a LinkedIn-connected account to a third-party service and configure tokens that can support broad account actions.

Skill content

Connect their LinkedIn account ... Copy the Linked API Token and Identification Token ... linkedin setup --linked-api-token=TOKEN --identification-token=TOKEN

Recommendation

Only provide tokens if the provider is trusted, document the exact scopes and storage location, support revocation, and declare the credential requirement in metadata.

What this means

A changed or compromised package could receive LinkedIn automation tokens or perform unintended account actions.

Why it was flagged

The skill depends on a globally installed, unpinned npm package, while the submitted artifact set contains no reviewed implementation code or install specification.

Skill content

If `linkedin` is not available, install it:

npm install -g @linkedapi/linkedin-cli

Recommendation

Pin the CLI version, provide a verified source/homepage and install spec, and require user approval before installing or updating the package.

What this means

Profile URLs, searches, message content, and account actions may be processed by the Linked API service.

Why it was flagged

The skill discloses that LinkedIn actions and related data are routed through a third-party cloud-browser service; this is purpose-aligned but privacy-sensitive.

Skill content

Each command sends a request to Linked API, which runs a real cloud browser to perform the action on LinkedIn.

Recommendation

Review the provider's privacy and security terms before connecting an account, and avoid sending sensitive message content unless necessary.