Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
X Comment Feed Posts
Version 1.1.1
Find posts in the user's X feed and leave comments on them one by one. Use when the user wants to comment on N posts from the feed, usually about indie tech...
by Dishant Sharma (@dishant0406)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
Name/description align with the instructions: the SKILL.md exclusively describes discovering posts in the X home feed and posting comments. It reasonably assumes a managed browser (openclaw browser) and optionally a twitter-humanizer skill. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Instructions are prescriptive about browser navigation (always use openclaw browser start, use For You tab, never refresh, open posts only by clicking feed cards, like before commenting, close x.com tab after run). These constraints are coherent for producing consistent behavior, but they read like tactics to mimic human browsing and avoid detection. The skill also mandates a strict sequence and cadence that could be used for automated, repeated engagement. The SKILL.md does not instruct reading or exfiltrating unrelated files or env vars, which is good, but the behavioral constraints present platform-abuse risk.
Install Mechanism
Instruction-only skill with no install spec or downloaded code. Nothing is written to disk by this skill package itself.
Credentials
No environment variables, credentials, or config paths are requested. The skill implicitly requires a logged-in browser session to X, but it does not declare or request account credentials.
Persistence & Privilege
The always field is false (good). However, the skill is allowed to be invoked autonomously by default (disable-model-invocation: false), while the SKILL.md repeatedly frames the workflow as a manual, human-like process. That mismatch — combined with the explicit navigation rules that mimic human behavior — increases the risk that the skill could be used to automate large-scale commenting if invoked without human oversight.
What to consider before installing
This skill appears to do what it says (browse the X feed and post short comments) and requests no credentials, but it codifies very specific, human-like browsing tactics (For You tab only, never refresh, click feed cards, like then comment) that could be leveraged to evade platform detection if run at scale. Before installing:
(1) Consider whether you want any agent to be able to invoke it autonomously; disable autonomous invocation or require manual confirmation for each run if possible.
(2) Be aware that this could violate X/Twitter rules and put your account at risk if used for mass engagement.
(3) Confirm that the managed openclaw browser will use your authenticated session only with your consent.
(4) If you want lower risk, ask the publisher to remove the hard-coded anti-refresh/For You rules, or to add explicit rate limits and a manual-approval step.