Skip to main content

hootsuite-core-workflow-b

Executes Hootsuite's Core Workflow B for social media analytics and URL shortening, enhancing social media management efficiency.

Install this skill

or
6/100

Security score

The hootsuite-core-workflow-b skill was audited on May 18, 2026 and we found 22 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 46

Template literal with variable interpolation in command context

SourceSKILL.md
46const response = await fetch(`${BASE}/me/organizations`, {
medium line 47

Template literal with variable interpolation in command context

SourceSKILL.md
47headers: { 'Authorization': `Bearer ${TOKEN}` },
medium line 58

Template literal with variable interpolation in command context

SourceSKILL.md
58const response = await fetch(`${BASE}/shorteners/owly`, {
medium line 61

Template literal with variable interpolation in command context

SourceSKILL.md
61'Authorization': `Bearer ${TOKEN}`,
medium line 67

Template literal with variable interpolation in command context

SourceSKILL.md
67console.log(`${fullUrl} → ${data.shortUrl}`);
medium line 81

Template literal with variable interpolation in command context

SourceSKILL.md
81const response = await fetch(`${BASE}/messages/${messageId}`, {
medium line 82

Template literal with variable interpolation in command context

SourceSKILL.md
82headers: { 'Authorization': `Bearer ${TOKEN}` },
medium line 85

Template literal with variable interpolation in command context

SourceSKILL.md
85console.log(`Message: ${data.text?.substring(0, 50)}...`);
medium line 86

Template literal with variable interpolation in command context

SourceSKILL.md
86console.log(`State: ${data.state}`);
medium line 87

Template literal with variable interpolation in command context

SourceSKILL.md
87console.log(`Sent: ${data.sentAt}`);
medium line 94

Template literal with variable interpolation in command context

SourceSKILL.md
94`${BASE}/messages?socialProfileIds=${profileId}&state=SENT&limit=20`,
medium line 95

Template literal with variable interpolation in command context

SourceSKILL.md
95{ headers: { 'Authorization': `Bearer ${TOKEN}` } },
medium line 99

Template literal with variable interpolation in command context

SourceSKILL.md
99console.log(`[${msg.sentAt}] ${msg.text?.substring(0, 60)}`);
medium line 109

Template literal with variable interpolation in command context

SourceSKILL.md
109const response = await fetch(`${BASE}/socialProfiles/${profileId}`, {
medium line 110

Template literal with variable interpolation in command context

SourceSKILL.md
110headers: { 'Authorization': `Bearer ${TOKEN}` },
medium line 113

Template literal with variable interpolation in command context

SourceSKILL.md
113console.log(`Profile: @${data.socialNetworkUsername}`);
medium line 114

Template literal with variable interpolation in command context

SourceSKILL.md
114console.log(`Network: ${data.type}`);
medium line 115

Template literal with variable interpolation in command context

SourceSKILL.md
115console.log(`ID: ${data.id}`);
low line 42

Access to .env file

SourceSKILL.md
42const TOKEN = process.env.HOOTSUITE_ACCESS_TOKEN!;
low line 43

External URL reference

SourceSKILL.md
43const BASE = 'https://platform.hootsuite.com/v1';
low line 137

External URL reference

SourceSKILL.md
137- [Hootsuite API Reference](https://apidocs.hootsuite.com/docs/api/index.html)
low line 139

External URL reference

SourceSKILL.md
139- [Analytics Guide](https://help.hootsuite.com/hc/en-us/articles/1260804306749)
Scanned on May 18, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categorymarketing
UpdatedMay 20, 2026
claude-codeapisocial-media-managermarketing-analystcontent-marketerhootsuitemarketing
jeremylongshore/claude-code-plugins-plus-skills