x-recap
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may browse X as the logged-in profile and capture what that profile can see.
The skill uses a named browser profile that may contain an authenticated X session. This is expected for viewing X pages but is still account-session access.
Use **actionbook-rs** (`/Users/daboluo/.openclaw/workspace/bin/actionbook`) with `--profile x` to open X pages and save screenshots
Use a dedicated low-privilege X profile if possible, confirm the account is intended for monitoring, and avoid using it for unrelated browsing.
If cron monitoring is configured, it may keep opening X and saving screenshots on a schedule until disabled.
The skill is designed to support scheduled monitoring. The included scripts do not create cron jobs, but the documentation anticipates persistent scheduled use.
Use when the user asks to track/recap X posts ... set up or fix cron-based X monitoring
Before enabling cron, confirm the frequency, output location, account profile, and how to disable or remove the job.
The skill will only be as trustworthy as the local actionbook binary it invokes, and the hard-coded path may not match every user environment.
The skill depends on a local helper binary at a user-specific path, while the registry requirements do not declare required binaries or an install mechanism.
Use **actionbook-rs** (`/Users/daboluo/.openclaw/workspace/bin/actionbook`)
Verify that the actionbook binary is the expected trusted tool and adjust paths only after confirming they point inside the intended OpenClaw workspace.
Saved screenshots may persist locally and could include logged-in UI elements or other page context visible to the X profile.
The script saves browser screenshots to a persistent local output directory for later recap. This is central to the skill, but those files may remain after the task.
OUT="$WS/output/x-claude-breaking" ... "$AB" --profile x browser screenshot --full-page "$out"
Review and periodically clean the output directories if screenshots should not be retained.