Interesting solution, though I think the problem here is that most of these social media giants provide API access via OAuth authorization schemes (insofar as I know, this is the only way most of these bots could possibly post on social media) allowing non-humans to post on behalf of the human. This largely isn’t for nefarious purposes either–think of all of the cross-app integrations that exist out there that post an update to your Facebook whenever you’ve met a personal running goal or something similar.
So provided a human has generated personal access tokens or OAuth-authorized credentials, a non-human would be able to act on the behalf of the human and post any content it wanted to.
Thinking about the use case of automated users (non-nefarious bots), one approach would be to label those accounts explicitly, like Slack does when you use a Slack bot.
I haven’t been on Facebook in awhile, but if I remember correctly this is already implemented in Facebook.
Near the time stamp there (used to be) a string that linked back to a website for an app-originated update.