Metricool

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: metricool
Version: 1.0.0

The skill bundle is benign. All scripts (`best-time.js`, `get-brands.js`, `list-scheduled.js`, `schedule-post.js`) load Metricool API credentials (`METRICOOL_USER_TOKEN`, `METRICOOL_USER_ID`) from environment variables, `~/.moltbot/moltbot.json`, or a local `.env` file, which is a standard practice for agent skills. All network requests are directed exclusively to the legitimate Metricool API domain (`https://app.metricool.com`) for the stated purpose of social media management. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts in `SKILL.md` or `README.md`.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent could queue a public social post to the wrong connected brand or multiple platforms if it invokes the script with incomplete or mistaken inputs.

Why it was flagged

If the caller omits blogId, the script auto-selects the first Metricool brand and then sends a POST request to schedule content, without a separate confirmation or dry-run step.

Skill content
```js
if (!blogId) {
  ...
  const brand = await getFirstBrandId(token, userId);
  blogId = brand.id;
  ...
}
...
metricoolRequest(`/scheduler/posts?blogId=${blogId}`, 'POST', scheduleData, token, userId)
```
Recommendation

Require explicit user confirmation of brand, platforms, text, date/time, and media before scheduling; avoid auto-selecting the first brand for write actions.

What this means

Anyone or any agent with access to these credentials may be able to view or schedule content through the user’s Metricool account.

Why it was flagged

The skill requires a Metricool API token and user identifier, which is expected for the stated integration but grants authority over connected social accounts.

Skill content
```
"METRICOOL_USER_TOKEN": "your-api-token",
"METRICOOL_USER_ID": "your@email.com"
```
Recommendation

Store the token securely, use the least-privileged token available, rotate it if exposed, and consider manual invocation only for posting actions.

What this means

Users have less provenance information for a skill that can act on social media accounts.

Why it was flagged

The artifacts do not provide a verifiable upstream source or homepage for the skill, though the included code is visible and there is no install script.

Skill content
Source: unknown
Homepage: none
Recommendation

Review the included scripts before installation and prefer a verified source or publisher when using account-mutating integrations.