social-autoposter

The social-autoposter skill presents a coherent, purpose-aligned feature set with proportionate credentials and data flows. It relies on local config/env data to drive browser/API-based posting and engagement while logging activity to a local database. There are no clear indicators of malicious intent (no unverifiable binaries, credential harvesting, or exfiltration to unknown endpoints). The main risks lie in potential autonomous actions and data exposure through logs; these are mitigated by rate limits and explicit manual post workflows, but require careful runtime governance and access controls. Overall, the footprint is Benign with elevated suspicion only around autonomy and data handling in environments with weak security controls.