OpenClaw Flow Kit

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is mostly coherent, but its MoltX helper can use an existing account session to automatically like or repost feed items without letting the user choose the post.

Review before installing. Do not run the MoltX minimal helper unless you are comfortable with it automatically liking or reposting a feed item from your configured account. Review the referenced moltx-streamliner client, use the release publisher only intentionally, and run the command-envelope helper only around trusted commands.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the helper could cause your MoltX account to repost or like an arbitrary feed item just to satisfy an engage gate.

Why it was flagged

Default minimal mode automatically reposts the first eligible feed post before falling back to a like, with no content selection or confirmation step.

Skill content

# minimal: try repost first, then like
if do_repost(pid):
    engaged = "repost"

Recommendation

Require explicit user approval and post selection before any like or repost; consider making dry-run or like-only behavior the default.

What this means

The skill may act using whichever MoltX account is configured in the existing local client, which could surprise users if the account or permissions are not clear.

Why it was flagged

The script uses an existing MoltX client session from another local skill, then uses that session for feed reads and engagement actions, but the skill metadata declares no credential requirement.

Skill content

from moltx_client import session, API_BASE

    s = session()

Recommendation

Declare the MoltX session dependency and account authority clearly, show which account will be used, and ask before performing account-changing actions.

What this means

The helper’s actual MoltX authentication and API behavior depends on another local component you also need to trust.

Why it was flagged

Runtime behavior depends on a separate local moltx-streamliner skill/client that is not included in this manifest; the script does check for its presence, but its code and credential handling are outside this review.

Skill content

client_dir = ws / "skills" / "moltx-streamliner" / "scripts"
...
sys.path.insert(0, str(client_dir))

Recommendation

Review the moltx-streamliner client before using this helper, and declare it as an explicit dependency.

What this means

If an agent wraps the wrong command, it could run unintended local operations or expose command output in the conversation/logs.

Why it was flagged

The result-envelope helper intentionally runs any user-supplied command and returns stdout/stderr as JSON. This is central to the stated purpose and uses shell=False, but it is still broad local command execution.

Skill content

ap.add_argument("cmd", nargs=argparse.REMAINDER)
...
subprocess.run(cmd, capture_output=True, text=True, timeout=..., shell=False)

Recommendation

Use it only with commands you intend to run, prefer timeouts, and avoid wrapping commands that print secrets.

What this means

A mistaken publish command could release the wrong skill or metadata publicly.

Why it was flagged

The publish subcommand invokes the external clawdhub CLI to publish a selected skill. This is disclosed and user-directed, but it can change public ClawHub account state.

Skill content

cmd = [
    "clawdhub",
    "publish",
    str(skill_folder),

Recommendation

Run prepare first, review the target folder/slug/version/changelog, and only invoke publish when you intend to make the release public.