linkedin-cli
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill setup process requires users to provide sensitive LinkedIn session cookies (LINKEDIN_LI_AT and LINKEDIN_JSESSIONID) via environment variables to facilitate authentication.- [EXTERNAL_DOWNLOADS]: The skill relies on the third-party linkedin-api Python package, which must be installed from a public registry.- [COMMAND_EXECUTION]: The skill implements a command-line interface (lk) that executes various Python-based commands to interact with LinkedIn profiles and messages.- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it reads and summarizes untrusted external data from LinkedIn.
- Ingestion points: Data from LinkedIn profiles, search results, messages, and timeline feeds (SKILL.md).
- Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed data.
- Capability inventory: The skill executes CLI commands and utilizes user-provided session credentials (SKILL.md).
- Sanitization: No content sanitization or validation mechanisms are identified in the skill instructions.
Audit Metadata