Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

X Twitter Poster

v0.1.3

X (Twitter) tweet-posting Skill. It uses Playwright to connect to the user's already logged-in Chrome browser and automatically fills in and sends the tweet. Applicable scenarios: - The user asks to "post a tweet", "post one tweet", "send a tweet", or "tweet on Twitter" - The user asks "help me post a tweet about XX" - The user asks "post a tweet with the content ..." Core capabilities: - Connect to the user's...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description, SKILL.md, and the code all consistently implement posting to X by connecting Playwright to a user Chrome instance over CDP. The dependency on Playwright and the need for a CDP URL is appropriate for this functionality.
Instruction Scope
The instructions explicitly require opening Chrome with --remote-debugging-port and connecting to that local endpoint, which grants the skill access to all browser tabs, cookies, and sessions. That scope is necessary for the stated approach but is high-risk; the SKILL.md and README explicitly warn about these risks and advise mitigations.
Install Mechanism
There is no install spec in the registry, but package.json declares playwright as a dependency. Installing Playwright (npm install) is expected for this skill but is a non-trivial dependency (binaries, browsers). No suspicious download URLs or extract steps are present.
Credentials
The code reads CDP_URL and X_USERNAME from environment variables (with sensible defaults). CDP_URL is sensitive because it exposes the browser; however, requesting it is proportional to the chosen implementation. Registry metadata lists no required env vars, which is a minor metadata/documentation mismatch but not a functional inconsistency.
Persistence & Privilege
The skill does not request persistent 'always' inclusion, does not modify other skills or global agent settings, and does not store credentials. It runs on-demand and is not granted extraordinary platform privileges.
Assessment
This skill does what it says: it connects to a Chrome instance via the remote debugging (CDP) port to type and send a tweet. That design inherently allows full access to your browser (tabs, cookies, sessions), so only enable the CDP port in a controlled context. Before using: (1) review post_tweet.js yourself or have someone you trust review it; (2) run it with a throwaway Chrome profile or inside a disposable VM/container, not your primary account; (3) install dependencies (npm install) in an isolated environment; (4) manually start Chrome with --remote-debugging-port and close that port when done; (5) verify network activity if you are worried about data exfiltration — the included code does not call external endpoints beyond connecting to the local CDP and navigating the browser to x.com. If you cannot follow these precautions, do not enable the CDP port or run this skill.
