linkedin

The LinkedIn skill conceptually aligns with browser-automated social actions and provides reasonable credential handling options (manual login or local env vars). The main concerns arise from the install method (curl | bash from a non-official source) and the potential for credential/cookie persistence in local environments. Overall, the footprint is suspicious but not clearly malicious: there is significant supply-chain and credential-flow risk due to the installer source and local credential storage, but the core functionality matches the described purpose if trusted installation is ensured and credentials are securely scoped. Treat as SUSPICIOUS with recommended mitigations (use official registries or signed installers, minimize credential exposure, sandbox automation, and implement explicit data retention/privacy controls).