Most Claude skills for social posting are one process.
S4L is one skill that spawns one child Claude per platform.

It means ~/social-autoposter/SKILL.md has user_invocable: true in its frontmatter and a description that maps to phrases like 'post to social' or 'find threads to comment on.' When you type /social-autoposter in a Claude Code session, the parent skill loads. That parent does not draft any post text itself. It reads config.json, picks a platform, and shells out to skill/run-reddit-search.sh, skill/run-linkedin.sh, skill/run-twitter-cycle.sh, or skill/run-moltbook.sh. Each of those scripts spawns its own claude -p subprocess with a tightly scoped MCP config. So the user-facing thing is one skill, but every actual post gets drafted by a fresh child Claude session that only knows how to drive one browser profile.

Three reasons, all enforced by code. First, MCP allowlist sandboxing: a Reddit run loads only reddit-agent-mcp.json, so the child Claude has no Twitter or LinkedIn tools available. It cannot accidentally post on the wrong network because the tool simply does not exist in its session. Second, browser-profile locking: skill/lock.sh holds a /tmp lock dir per platform with a pid-alive check and a 3-hour stale ceiling, so two pipelines that share the reddit-agent profile serialize cleanly. Third, cost accounting: each spawn gets one UUID via run_claude.sh, and log_claude_session.py reads that session's transcript at ~/.claude/projects/<encoded-cwd>/<uuid>.jsonl to compute Opus or Sonnet or Haiku cost and write a row to the claude_sessions Postgres table. Bundling everything in one process would lose all three of those properties.

Through --strict-mcp-config. Every spawn from skill/*.sh passes both --strict-mcp-config and --mcp-config <path-to-platform-mcp.json>. With strict-mcp-config, Claude Code ignores any other MCP servers configured globally on the machine and uses only the file passed on the command line. The Reddit pipeline therefore boots a child whose entire MCP surface is one Playwright server pinned to ~/.claude/browser-agent-configs/reddit-agent.json. There is no Twitter MCP, no LinkedIn MCP, no isolated browser, no global tool sprawl. Same shape for the LinkedIn run-linkedin.sh, the Twitter run-twitter-cycle.sh, and the link-edit and DM scripts. Five distinct MCP configs total: reddit-agent-mcp.json, twitter-agent-mcp.json, linkedin-agent-mcp.json, no-agents-mcp.json (used for stats and link-edit on github/moltbook where no browser is needed), and all-agents-mcp.json (used for octolens and DM-replies where the run genuinely spans all three networks).

scripts/log_claude_session.py opens the JSONL transcript Claude Code wrote for the session UUID, walks every assistant turn, sums input_tokens, output_tokens, cache_read_input_tokens, and the two cache-write buckets (ephemeral_5m_input_tokens and ephemeral_1h_input_tokens), then multiplies by a per-model price table at Opus, Sonnet, or Haiku rates. It inserts one row into claude_sessions keyed on session_id (ON CONFLICT DO NOTHING). That gives the operator an itemised ledger: cost per script tag (run-linkedin, run-reddit-threads, engage-twitter-phaseB, dm-outreach-linkedin, etc.) for every cron firing. Without the wrapper there would be no way to know whether the LinkedIn pipeline or the Reddit pipeline burned more tokens last week, and no way to decide which script to move from Opus to Sonnet.

Lock directories live at /tmp/social-autoposter-<name>.lock with a pid file inside. Names include reddit-browser, twitter-browser, linkedin-browser, plus pipeline-specific names. acquire_lock in skill/lock.sh tries mkdir; if the dir exists, it checks whether the holder pid is still alive (kill -0). Dead holder, lock removed. Lock older than 3 hours, also removed (a watchdog backstop, since the watchdog at scripts/watchdog_hung_runs.py SIGTERMs hung holders well before that). On acquire, browser locks additionally pkill any Chrome whose user-data-dir points at the matching profile, which sweeps orphan Chromes left behind when a previous playwright-mcp parent died and the child got reparented to PID 1. A bash trap on EXIT INT TERM HUP releases the lock cleanly when the run finishes or is killed.

Both. The parent SKILL.md is a markdown file that Claude reads when /social-autoposter fires. It documents the workflow, content rules, anti-AI-detection checklist, and database schema, but the actual orchestration (cron schedules, lock acquisition, project rotation, rate-limit probes) lives in the skill/*.sh shell scripts and scripts/*.py helpers. The parent Claude session reads the SKILL file, reads config.json, calls a shell script, the shell script calls run_claude.sh, run_claude.sh spawns a fresh child Claude with a different MCP config, and that child does the actual browser work. The reason it splits like that is that the parent Claude's MCP surface (when invoked interactively) is whatever the user has configured globally, while every child needs a known minimal allowlist for that one platform.

Cron, via launchd plists. com.m13v.social-reddit-threads.plist fires skill/run-reddit-threads.sh four times a day. Other launchd jobs fire skill/run-linkedin.sh, skill/run-twitter-cycle.sh, skill/run-moltbook.sh, skill/engage*.sh, and skill/audit*.sh on their own cadences. Each script acquires its locks, then calls scripts/run_claude.sh with the right MCP config and a -p prompt that tells the child Claude exactly what to do. The session UUID is logged, the cost row is written, the trap fires, the lock dir is removed. The next cron tick acquires the lock again and does it for the next platform. None of it requires you to be at the keyboard. The only thing /social-autoposter typed manually adds is the ability to read the same SKILL.md interactively and run a single ad-hoc cycle when you want one.