Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Edison Autopilot Post X
v1.0.0
Automatically generates and posts 5 persona-matched tweets daily to X using GPT-5.1, with repetition checks, content filters, and Telegram alerts.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
The code and SKILL.md align with the stated purpose: it uses OpenAI to generate tweets, posts via the X API, and sends Telegram notifications. Requiring OpenAI and X API credentials is appropriate for this functionality. However, the registry metadata incorrectly claims there are no required environment variables/credentials while the code requires multiple secrets (OPENAI_API_KEY and X API keys), which is an inconsistency between the declared metadata and the actual capability.
Instruction Scope
Runtime instructions (SKILL.md) and the code stay within the posting use-case (generate → check length/dedup → post → notify). The code also supports an optional SCAN_DIR env var that will read the most recent .md file from a user-specified directory and include up to 3k characters as context. SKILL.md does not document SCAN_DIR. Because SCAN_DIR lets the skill read arbitrary local files if you set it, you should only point it at non-sensitive locations.
Install Mechanism
There is no installer that downloads remote archives. The SKILL.md asks users to pip install tweepy and requests, which is reasonable and proportionate. No unusual or high-risk install URLs, extract steps, or third-party packages beyond common libraries are present.
Credentials
The script requires high-value secrets (OPENAI_API_KEY, X_CONSUMER_KEY/SECRET, X_ACCESS_TOKEN/SECRET) and may send generated content externally (OpenAI, X, Telegram). Those secrets are necessary for the stated purpose, but the registry metadata incorrectly lists none — this mismatch is a risk because automated installers/tools may not know to prompt you for these credentials. Also, the optional SCAN_DIR can cause local-file reads if configured. The number and sensitivity of env vars are proportionate to the task but must be explicitly declared.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills or system-wide settings. It will create and write logs to ~/autopilot-post-x/logs (normal for deduplication). SKILL.md suggests scheduling via cron (a manual action). Autonomous invocation is enabled by default, which is the platform standard; combined with the required API keys, this means you should be careful which account/token you supply.
What to consider before installing
- Metadata mismatch: the registry lists no required env vars, but the code needs OPENAI_API_KEY and full X API keys (consumer + access token/secret). Expect to provide these secrets; verify you trust the skill before supplying them.
- Test with dry-run first: run python auto_tweet.py --dry-run to preview generated tweets and ensure prompts and persona are acceptable.
- Use separate/limited credentials: if possible use a secondary X account and API keys you can revoke if something goes wrong. Treat OPENAI_API_KEY similarly (billing/usage risk).
- Be cautious with SCAN_DIR: only set SCAN_DIR to folders that contain non-sensitive context; if left unset the script won't read arbitrary files. When set, the skill reads the most recent .md file in that directory (up to 3k characters) as prompt context.
- Logs: the script will create ~/autopilot-post-x/logs and write posted tweet texts there. If you don't want this, change LOG_DIR before running.
- Inspect and customize the persona/prompt: the prompt enforces an @mention and other rules — review PERSONA, TOPICS, and BANNED_PHRASES to avoid unexpected content.
- If you want to proceed: correct the metadata (or ask the publisher to) so required env vars are declared, run in an isolated account or container, and monitor API usage and posted content for at least a few days.
Confidence note: High confidence in these findings because the code is present and clearly reveals required env vars, network endpoints, file read/write behavior, and the metadata mismatch.
Like a lobster shell, security has layers — review code before you run it.
Tags: ai, automation, latest, openai, tweepy, twitter, x