ClawHub

Twitter/X Agent Operations — AI Ghostwriter SOP That Grew an Account +60% in 45 Days

Security checks across malware telemetry and agentic risk

Overview

This skill appears aimed at X/Twitter growth automation, but it encourages live-account posting and broad source-content indexing without clear human approval, privacy, or platform-compliance guardrails.

Review this carefully before installing. Use it only in draft mode or with an explicit approval step before every post, connect only accounts you are authorized to manage, and avoid indexing private, confidential, copyrighted, or sensitive source material unless you have consent and a retention plan.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list contains very broad phrases such as "twitter automation," "social media agent," and "tweet writing," which can cause the skill to activate for generic user requests unrelated to this specific SOP. Overbroad matching increases the chance that an agent injects aggressive growth-automation guidance into benign conversations, creating unintended automation, policy, or reputational risk.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly promotes fully agent-operated posting and follower growth, but it does not present clear warnings about platform terms, account enforcement, impersonation/ghostwriting concerns, or reputational harm from autonomous posting. In context, this is more dangerous because the skill operationalizes end-to-end automation, scheduling, posting strategy, and growth optimization, making misuse or policy-violating deployment easier for non-expert users.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README explicitly promotes fully automated Twitter/X account management and daily posting on a live account, but it does not warn about platform-policy violations, account suspension risk, unintended autonomous posting, or the need for human review before publication. In this skill context, that omission is meaningful because the document is not merely descriptive; it is an operational SOP intended to be copied into an agent workflow that can directly affect a real social-media account.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This section gives concrete instructions to generate a weekly schedule and execute one post per day, effectively operationalizing autonomous publishing, yet it omits a warning that drafts can reach a live audience and should be reviewed for accuracy, safety, and policy compliance before posting. Because the skill is specifically designed for agent-operated social media growth, the absence of a human-in-the-loop checkpoint increases the likelihood of accidental spam, misinformation, or harmful posts being published at scale.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
This skill explicitly promotes full agent-operated X/Twitter account management and growth automation, including scheduling, posting, analytics, and behavioral optimization, but it does not warn about account-security, privacy, platform-policy, or reputational risks. In context, the omission matters because users may hand over account access, automate public communications, and collect engagement data without understanding potential abuse, lockout, suspension, or unintended disclosure consequences.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The guide instructs operators to transcribe, archive, and index all primary content from podcasts, interviews, documents, speeches, and similar sources into a searchable corpus, but it does not address sensitive personal data, confidential material, third-party content rights, or retention limits. In this context, centralizing raw speech and personal expression into an agent-consumable database increases the chance of over-collection, unauthorized reuse, privacy leakage, and accidental exposure through prompts, logs, or downstream outputs.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README promotes fully automated posting, tracking, and account operation across AI agents without clearly warning about platform-policy violations, account suspension risk, privacy implications, or reputational harm from unattended posting. In this context, the omission matters because the skill is explicitly designed for agent-operated social media growth, so users may deploy automation on real accounts without understanding the operational and compliance risks.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill instructs users to transcribe and convert all primary content—podcasts, interviews, documents, talks—into searchable text, but does not warn about collecting and storing sensitive personal data, copyrighted material, or confidential business information in a centralized source index. Because the workflow is intended to mimic a real person's voice and mine prior communications, it increases the likelihood of over-collection and unsafe retention of personal or proprietary content.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal