linkedin-cli

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install an external package @linkedapi/linkedin-cli from the npm registry.
  • [COMMAND_EXECUTION]: The skill makes extensive use of a CLI tool to perform network-based operations, including a specific command linkedin workflow run that executes logic defined in external JSON files or stdin.
  • [CREDENTIALS_UNSAFE]: The setup process requires the agent to handle and input sensitive 'Linked API' and 'Identification' tokens into the CLI tool, which may be exposed in command history or process logs.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection due to its data processing capabilities.
      • Ingestion points: Data is ingested from external LinkedIn profiles, messages, and posts via person fetch, message get, and post fetch commands.
      • Boundary markers: There are no instructions provided to use delimiters or protective markers to separate ingested content from system instructions.
      • Capability inventory: The skill possesses sensitive capabilities including message send, post create, and workflow run (which can execute arbitrary workflow steps).
      • Sanitization: There is no evidence of sanitization, filtering, or validation of the content retrieved from LinkedIn before it is presented to the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 27, 2026, 03:07 PM