← 返回 Skills 市场
Unipile Linkedin Sdk
作者
Mohit Yadav
· GitHub ↗
· v1.5.0
· MIT-0
177
总下载
2
收藏
0
当前安装
8
版本数
在 OpenClaw 中安装
/install unipile-linkedin-sdk
功能描述
LinkedIn integration via Unipile's official Node.js SDK. Send messages, InMail, view profiles, manage connections, create posts, and interact with content. U...
安全使用建议
This skill appears to do exactly what it claims. Before installing: (1) Verify you trust the Unipile service and the source of the skill (homepage/source URLs point to clawhub.ai, but the package author is unidentified in the bundle). (2) Prefer UNIPILE_PERMISSIONS=read for least privilege unless you explicitly need write operations. (3) Ensure UNIPILE_DSN points to the official Unipile endpoint from dashboard.unipile.com (do not set it to a third-party server you don't trust). (4) Audit the npm package 'unipile-node-sdk' (version constraints) on the npm registry if you want extra assurance, and avoid reusing the same token across unrelated services.
功能分析
Type: OpenClaw Skill
Name: unipile-linkedin-sdk
Version: 1.5.0
This skill is a legitimate integration for LinkedIn using the official `unipile-node-sdk`. It provides a CLI wrapper (`scripts/linkedin.mjs`) for managing LinkedIn profiles, messages, and posts via the Unipile API. The skill includes proactive security documentation and implements a permission-gating system based on the `UNIPILE_PERMISSIONS` environment variable to restrict the agent to read-only or write access. No evidence of malicious intent, data exfiltration, or prompt injection was found.
能力评估
Purpose & Capability
Name/description (Unipile LinkedIn SDK) match the code and instructions: the CLI uses unipile-node-sdk and requires UNIPILE_DSN and UNIPILE_ACCESS_TOKEN to interact with LinkedIn via Unipile. These credentials are appropriate for the declared functionality. Minor metadata inconsistency: registry/summary at the top lists 'Required env vars: none' while SKILL.md and the script clearly declare required env vars.
Instruction Scope
SKILL.md and scripts/linkedin.mjs limit actions to Unipile API calls (profiles, posts, messaging, invites). Instructions tell users to npm install the official SDK and set the DSN/TOKEN; the runtime script only reads the documented env vars and command-line args. There are no instructions to read unrelated files, system secrets, or to send data to unexpected endpoints (the DSN is provided by the user).
Install Mechanism
No install spec in the skill bundle (instruction-only) and the docs simply recommend 'npm install unipile-node-sdk', which is a normal, low-risk public-registry dependency. The repository includes package.json and package-lock.json with standard npm packages; there are no archive downloads or remote extract steps.
Credentials
The environment variables requested (UNIPILE_DSN, UNIPILE_ACCESS_TOKEN, optional UNIPILE_PERMISSIONS) are proportional and necessary for the described Unipile integration. The SKILL.md marks UNIPILE_ACCESS_TOKEN as primaryEnv; this is expected. Note: the earlier top-level metadata omitted these required env vars, which is an inconsistency to be aware of but does not itself indicate extra privilege.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and does not require persistent system-level privileges. It is user-invocable and allows autonomous invocation (platform default) but that is not unusual and is not combined with other red flags here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install unipile-linkedin-sdk - 安装完成后,直接呼叫该 Skill 的名称或使用
/unipile-linkedin-sdk触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.5.0
Added optionalEnv declaration for UNIPILE_PERMISSIONS. Emphasized least-privilege (read-only) as recommended default. Added security section at top with permission guidance.
v1.4.0
Added permission system (UNIPILE_PERMISSIONS) for read/write access control. Use 'read' for safe data scraping, 'write' for write operations, or 'read,write' for full access (default).
v1.3.2
Security fix: Removed recommendation to store credentials in workspace files. Now recommends environment variables, secrets managers, or CI/CD secrets only.
v1.3.1
Fixed metadata: added source URL, corrected version, added Security & Trust section with credential handling, SDK verification, and provenance info.
v1.3.0
Restored CLI script (scripts/linkedin.mjs) for practical command-line usage. Added invocation examples and error handling docs.
v1.2.0
Added invocation examples for common use cases: profile lookup, posts by date range, messaging, invitations. Enhanced error handling docs with all error types.
v1.1.0
Refactored for AI-agent-optimized format: quick reference tables, concise method docs, removed CLI scripts
v1.0.0
Initial release - LinkedIn SDK integration with messaging, profiles, posts, and invitations
元数据
常见问题
Unipile Linkedin Sdk 是什么?
LinkedIn integration via Unipile's official Node.js SDK. Send messages, InMail, view profiles, manage connections, create posts, and interact with content. U... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 177 次。
如何安装 Unipile Linkedin Sdk?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install unipile-linkedin-sdk」即可一键安装,无需额外配置。
Unipile Linkedin Sdk 是免费的吗?
是的,Unipile Linkedin Sdk 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Unipile Linkedin Sdk 支持哪些平台?
Unipile Linkedin Sdk 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Unipile Linkedin Sdk?
由 Mohit Yadav(@mohit21gojs)开发并维护,当前版本 v1.5.0。
推荐 Skills