SOCIAL(1)General Commands ManualSOCIAL(1)
social

// security

LinkedIn Account Safety

How social keeps connected LinkedIn accounts safe when agents research, post, reply, invite, and message through a founder's real account.

The short version: social is built for technical founders who already run agents in their terminal and want those agents to handle founder-led distribution without burning their LinkedIn account. The agent can operate, but the founder remains the principal: scoped sessions, auditable calls, account-bound proxying, and visible platform errors keep the boundary legible.

What protects your account

LinkedIn traffic is proxied through a managed account connection. Each connected account gets its own protected session, repeated reads can be cached, and provider-aware safeguards run before requests reach LinkedIn.

social adds the product boundary around that infrastructure. Every LinkedIn request goes through an allowlisted proxy, write calls require a write-scoped CLI session, forbidden Recruiter and Agenda surfaces are blocked, and usage is metered so account activity can be audited instead of guessed.

What gets accounts flagged

The riskiest pattern is not "using an agent." It is making the account behave unlike a real person. Fresh or fake accounts, fixed-interval polling, back-to-back bursts, repeated retries after throttling, and scraping forbidden LinkedIn surfaces are the behaviors social is designed not to encourage.

First connection can also trigger LinkedIn's own credential-sharing warning. That warning is expected during some browser-based connects; the important thing is that the account should be real, established, and operated at human-scale volume.

Practical daily ceilings

LinkedIn does not publish official limits for these surfaces. The ceilings below come from provider guidance and should be treated as maximums, not goals.

ActionCeilingApplies to
Invitations80-100/day for paid accounts; much lower for free accounts with notesuser connection-request
Profile and company readsabout 100/day for standard LinkedIn accountsusers, companies, company employees
Search results1,000/day for standard LinkedIn accountspeople search and post search
Posts, comments, reactions, messagesabout 100/day per actionvisible write actions
Connections pollingwebhook-first; otherwise only a few randomized checks per dayconnections reads

Error rules agents should follow

social does not hide upstream LinkedIn errors that matter. If LinkedIn says an invitation cannot be resent yet, do not retry that target. If an account receives a 429 or LinkedIn's catch-all 500, stop that action for the account and back off instead of trying again within the hour.

Write calls are especially sensitive: proxy-layer retries can create duplicate posts, duplicate messages, or repeated invitations. New visible write commands should default to a dry run until the founder explicitly approves the action.

What is enforced today

  • Allowlist and capability gating. Read calls require read scope; POST, PATCH, and DELETE calls require write scope.
  • Forbidden surfaces are blocked. Recruiter and Agenda endpoint templates are rejected before they can reach the upstream provider.
  • Per-account binding. Each connected LinkedIn account is tied to its own protected provider session, keeping proxy state pinned to one human account.
  • Webhook-first sync. Connection changes come through webhooks instead of aggressive cron polling.

What comes next

The main open item is server-side quota enforcement. Before scaling material LinkedIn write traffic, social should add per-account daily counters, throttle-state surfacing, account-age ramping for new connects, and durable write-attempt logs.

If you are building a new LinkedIn surface, start from the internal security checklist in docs/security/linkedin.md. If you are evaluating the product as a founder, the operating model is simple: connect a real account, keep the agent inside scoped sessions, and treat rate-limit errors as stop signs.

Source: the social security checklist in docs/security/linkedin.md.

Back to account safety