Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

X To Kindle

v0.1.1

Send X/Twitter posts to Kindle for distraction-free reading. Use when user shares an X/Twitter link and wants to read it on Kindle, or asks to send a tweet/thread to their Kindle device.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
[!] Purpose & Capability
Name and description match the implementation: the skill fetches tweet content (via fxtwitter), formats it as HTML, and emails it to a Kindle address. However, the registry metadata declares no required environment variables or primary credential, while SKILL.md and send_to_kindle.py require SMTP_EMAIL, SMTP_PASSWORD and KINDLE_EMAIL; this mismatch is inconsistent and could mislead users about which secrets the skill needs.
[!] Instruction Scope
Runtime instructions stay within the stated purpose (fetch tweet, build HTML, email to Kindle), but they also instruct the agent to write files to /tmp and to invoke a tool that emails whatever local file path it is given. Because the tool accepts arbitrary paths and sends their contents, it could be abused to exfiltrate sensitive local files if the agent or user supplies a path other than the generated article.
Install Mechanism
No install spec (instruction-only, with a small Python script included). Nothing is downloaded from external URLs and no package-manager installs are required, so install risk is low.
[!] Credentials
The functionality legitimately requires SMTP credentials and a Kindle email address. These are sensitive (an SMTP app password) and should have been declared in the skill metadata; omitting them from the declared 'requires.env' is an inconsistency. Requiring SMTP credentials is proportionate to the task, but the skill's ability to use them autonomously raises the risk if the credentials are granted without restrictions.
Persistence & Privilege
The skill is not always-included and does not request persistent system privileges. However, it can be invoked autonomously (the platform default). Combined with SMTP credentials, autonomous invocation would let the skill send email without further user confirmation, a non-trivial risk whose severity depends on how the platform governs autonomous tool invocation and secret use.
What to consider before installing
This skill appears to implement its stated function, but there are two practical concerns to weigh before installing:

1) Secrets and metadata mismatch: SKILL.md and the script require SMTP_EMAIL, SMTP_PASSWORD (an app password), and KINDLE_EMAIL, but the registry metadata lists no required env vars. Do not assume the skill is safe just because the metadata omits credentials; the code will need them.

2) Arbitrary-file-sending risk: the included tool will email any local file path you pass to it to the configured Kindle address. That is necessary to send the generated HTML, but it also means a mis-invocation or malicious agent behaviour could exfiltrate local files.

To reduce risk:
- Use a dedicated email account (for example a separate Gmail account) with an app-specific password and minimal access; do not use your primary account.
- Use a disposable or limited-permission Kindle address if possible.
- Only grant SMTP_PASSWORD to skills you trust, and rotate the app password after testing.
- Inspect and, if possible, modify the script so it only accepts files from a controlled directory (e.g. a sandboxed /tmp/<skill>/ folder) or validates filenames before sending.
- Confirm whether your agent platform prompts you before invoking the tool; require explicit user confirmation for any send operation.
- Verify that the network calls (the fxtwitter API) are acceptable under your privacy policy; consider using an API you trust or self-hosted fetch logic.

If you cannot or will not follow these mitigations, avoid installing, or provide only throwaway credentials for testing.
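The two mitigations above that touch code, confining the tool to one sandbox directory and requiring confirmation before any send, look like this when implemented. This is an added example, not the skill's own send_to_kindle.py. The sandbox path /tmp/x-to-kindle, the Gmail SMTP host and port, and the function names (resolve_within, build_kindle_message, send_to_kindle) are assumptions; the SMTP_EMAIL, SMTP_PASSWORD and KINDLE_EMAIL variables are the ones the scan report says the skill requires.

```python
"""Hardened send-to-Kindle helper (added example, not the skill's script).

Only regular HTML files that canonicalise to a path under one sandbox
directory can be emailed, and every send goes through one validated path
plus an optional confirmation callback.
"""
import os
import smtplib
import sys
from email.message import EmailMessage
from pathlib import Path

# Hypothetical sandbox: the only directory the tool may read from.
DEFAULT_ALLOWED_DIR = Path("/tmp/x-to-kindle")
ALLOWED_SUFFIXES = {".html", ".htm"}
SMTP_HOST, SMTP_PORT = "smtp.gmail.com", 587   # assumption: dedicated Gmail account


def resolve_within(path, allowed_dir):
    """Return the canonical path of `path` if it is a regular HTML file inside
    allowed_dir; raise ValueError otherwise.

    Both sides are canonicalised with resolve(strict=True), so '..' segments
    and symlinks planted inside the sandbox cannot point outside it. The
    unsafe pattern the scan flags is open(sys.argv[1]) with no such check,
    which would happily attach ~/.ssh/id_rsa if an agent passed that path.
    """
    base = Path(allowed_dir).resolve(strict=True)
    target = Path(path).resolve(strict=True)       # follows symlinks, must exist
    try:
        target.relative_to(base)
    except ValueError:
        raise ValueError(f"refusing {path}: outside {base}") from None
    if not target.is_file():
        raise ValueError(f"refusing {path}: not a regular file")
    if target.suffix.lower() not in ALLOWED_SUFFIXES:
        raise ValueError(f"refusing {path}: not an HTML article")
    return target


def is_allowed(path, allowed_dir=DEFAULT_ALLOWED_DIR):
    """Boolean form of resolve_within; a missing file counts as not allowed."""
    try:
        resolve_within(path, allowed_dir)
    except (ValueError, OSError):
        return False
    return True


def build_kindle_message(article_path, allowed_dir, sender, kindle_addr):
    """Build the message with the article attached. Validation lives here so
    no caller (CLI wrapper, agent tool binding) can reach the attachment step
    without going through it."""
    target = resolve_within(article_path, allowed_dir)
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = kindle_addr
    msg["Subject"] = target.stem
    msg.set_content("Article attached for Kindle.")
    msg.add_attachment(target.read_text(encoding="utf-8"),
                       subtype="html", filename=target.name)
    return msg


def send_to_kindle(article_path, allowed_dir=DEFAULT_ALLOWED_DIR,
                   confirm=None, smtp_factory=smtplib.SMTP):
    """Validate, optionally ask the user, then send. Returns True if sent.

    `confirm` receives the built message and returns a bool, so the platform
    (or the CLI below) decides whether a send happens; nothing is sent
    silently. `smtp_factory` is injectable so the path can be tested offline.
    """
    sender = os.environ["SMTP_EMAIL"]
    password = os.environ["SMTP_PASSWORD"]     # app password, never the account password
    kindle_addr = os.environ["KINDLE_EMAIL"]
    msg = build_kindle_message(article_path, allowed_dir, sender, kindle_addr)
    if confirm is not None and not confirm(msg):
        return False
    with smtp_factory(SMTP_HOST, SMTP_PORT) as smtp:
        smtp.starttls()
        smtp.login(sender, password)
        smtp.send_message(msg)
    return True


def _ask(msg):
    """Interactive confirmation for the command-line path."""
    name = next(msg.iter_attachments()).get_filename()
    return input(f"Send {name!r} to {msg['To']}? [y/N] ").strip().lower() == "y"


if __name__ == "__main__":
    sys.exit(0 if send_to_kindle(sys.argv[1], confirm=_ask) else 1)
```

The check is placed inside build_kindle_message rather than in the CLI wrapper so that an agent binding that calls the function directly still cannot attach a file outside the sandbox. Resolving both the sandbox and the candidate path matters: comparing string prefixes would miss a symlink dropped into /tmp/x-to-kindle that points at a credentials file. The remaining gap is the window between resolve() and read_text(); if the sandbox directory is writable by other local users, create it with restrictive permissions or read the file through the resolved path under an O_NOFOLLOW open.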