Social Ops
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is coherent for social media operations, but enabling it can create persistent scheduled agents that use a social account to post, reply, upvote, and handle local social-workspace data without per-action approval.
Install only if you intentionally want autonomous scheduled social-media operations. Before enabling crons, run the installer in dry-run mode, inspect the schedules and prompts, confirm which Moltbook credentials will be used, keep SOCIAL_OPS_DATA_DIR isolated, and consider requiring manual approval for posts and replies.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled, the agent can publish public posts from the account, which could affect reputation or disclose mistakes if the queued content is wrong.
The Poster role is explicitly authorized to publish to an external social platform. This is purpose-aligned, but it is a high-impact public action and the artifacts do not require a fresh human approval immediately before each publication.
Use Moltbook skill API. Post once.
Require manual review or approval before scheduled posting, keep the Todo queue curated, and verify the account identity and target submolt before enabling Poster runs.
After setup, the skill can continue running social-media roles on a schedule even when the user is not actively supervising the session.
The installer updates or creates enabled recurring OpenClaw cron jobs, including a Poster job that runs multiple times daily.
run_cmd openclaw cron edit "${existing_id}" ... --enable ... upsert_job "Moltbook Poster" "0 9,13,17,21 * * *"Run the installer with --dry-run first, inspect each cron message and schedule, namespace job names if needed, and keep a documented way to disable or remove the jobs.
A scheduled role may operate with the user's social account authority, including posting or replying, if credential access is available.
Scheduled jobs are instructed to authenticate with a credentials file, but the provided registry metadata declares no primary credential and the artifact does not bound the credential path, account scope, or approval flow.
- Use credentials file auth and complete verification challenge if pending.
Use a dedicated low-privilege Moltbook account or token if possible, document the credential file path and permissions, and avoid enabling scheduled jobs until credential scope is understood.
Future posts or strategy suggestions may be influenced by persistent notes or local files that the user did not intend to use.
The skill intentionally reuses persistent memory and optional local file references across runs. This supports the social workflow but can carry stale, private, or poisoned context forward if not curated.
`$SOCIAL_OPS_DATA_DIR/Content/Memory/writer.md` (producer/consumer: Writer; long-term creative memory) ... local files/directories referenced by `Local-File-References.md`
Keep SOCIAL_OPS_DATA_DIR separate from private files, keep Local-File-References small and explicit, and periodically review memory and logs.
Users may underestimate the setup requirements and the presence of a runnable helper script that changes OpenClaw cron configuration.
The registry metadata presents the skill as instruction-only with no required environment variables, while the artifacts include a cron installer and SKILL.md requires SOCIAL_OPS_DATA_DIR.
No install spec — this is an instruction-only skill. ... Code file presence: packaged-scripts/install-cron-jobs.sh ... Required env vars: none
Treat the cron installer as an optional privileged setup step, review it before running, and ensure metadata or local documentation accurately records required environment variables and dependencies.