Yarn - Control and Access Threads.com via the CLI

Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: yarn-threads-cli
Version: 0.1.3

The skill is classified as suspicious because it relies on the `yarn-threads-cli` tool, which `SKILL.md` and `references/commands.md` explicitly state authenticates by reading sensitive browser profile data (Chrome/Firefox cookies). This capability is necessary for the tool's stated purpose of interacting with Threads, but it gives the underlying CLI tool significant access to potentially sensitive user information. That is a high-risk capability: a compromised `yarn-threads-cli`, or a compromised dependency of it, could lead to credential theft, even though the skill bundle itself contains no explicit instructions for the agent to perform such actions.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent or user supplies session cookies or browser profile paths, the CLI can read private Threads account views and act as the logged-in user.

Why it was flagged

The CLI is documented to authenticate with raw Threads session cookies or local browser profile/cookie database data. This is high-impact account access, especially because the registry metadata declares no primary credential or config path.

Skill content

`--session-id <token>` | Threads sessionid cookie ...
`--csrf-token <token>` ...
`--chrome-profile-dir <path>` | Chrome/Chromium profile directory or cookie DB path

Recommendation

Use a dedicated browser profile or a limited session for this tool, avoid exposing raw cookies when possible, and revoke or log out the session when you stop using it. Note that a token passed as a command-line argument such as `--session-id` is visible to other local processes in the process list and may be recorded in shell history, so prefer the profile-directory option over raw cookies on the command line.

What this means

A mistaken or over-broad agent action could publish content, replies, or quotes from the user's Threads account.

Why it was flagged

The skill exposes commands that create posts, replies, and quotes on Threads, but the artifacts do not include explicit confirmation, preview, or rollback guidance before publishing.

Skill content

`yarn-threads post "text"` ...
`yarn-threads reply <url-or-code> "text"` ...
`yarn-threads quote <url-or-code> "text"`

Recommendation

Require explicit user confirmation showing the exact text, target URL, and account before any post, reply, or quote command is run.
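The two recommendations above (authenticate through a dedicated profile directory rather than a raw cookie, and show the exact text, target and account before any publish command runs) can be enforced in one wrapper that sits between the agent and the CLI. The following is an added example, not code from the skill bundle or the yarn-threads-cli project. The command names `post`, `reply` and `quote` and the `--chrome-profile-dir` flag are the ones the skill documents; the account label, the confirmation-token format, the injectable `ask`/`run` hooks and the sample URL and paths are assumptions of this example.

```python
"""Confirmation gate for the yarn-threads publish commands.

Added example, not code from the skill bundle or the yarn-threads-cli
project.  The command names (post/reply/quote) and the --chrome-profile-dir
flag are the ones the skill documents; the account label, the confirmation
token format and the injectable ask/run hooks are assumptions of this example.
"""
import shlex
import subprocess
from dataclasses import dataclass
from typing import Callable, List, Optional

PUBLISH_ACTIONS = ("post", "reply", "quote")


@dataclass(frozen=True)
class PublishPlan:
    action: str                   # one of PUBLISH_ACTIONS
    text: str                     # exact text that will be published
    account: str                  # label for the account the profile belongs to (assumed)
    target: Optional[str] = None  # URL or post code, required for reply and quote
    chrome_profile_dir: Optional[str] = None  # dedicated profile instead of a raw cookie

    def __post_init__(self) -> None:
        if self.action not in PUBLISH_ACTIONS:
            raise ValueError(f"unsupported action {self.action!r}")
        if self.action == "post" and self.target is not None:
            raise ValueError("post takes no target")
        if self.action != "post" and not self.target:
            raise ValueError(f"{self.action} needs a target URL or post code")
        if not self.text.strip():
            raise ValueError("refusing to publish empty text")

    def argv(self) -> List[str]:
        """Build the CLI invocation.  Authentication goes through the
        profile directory, so no session cookie lands in argv or history."""
        argv = ["yarn-threads", self.action]
        if self.target:
            argv.append(self.target)
        argv.append(self.text)
        if self.chrome_profile_dir:
            argv += ["--chrome-profile-dir", self.chrome_profile_dir]
        return argv

    def preview(self) -> str:
        """Everything the user must see before saying yes."""
        return "\n".join([
            f"account : {self.account}",
            f"action  : {self.action}",
            f"target  : {self.target or '(new thread)'}",
            f"text    : {self.text!r}",
            f"command : {shlex.join(self.argv())}",
        ])

    def confirmation_token(self) -> str:
        """Typing this exact string is the only thing that publishes."""
        return f"PUBLISH {self.action} AS {self.account}"


def confirm_and_run(plan: PublishPlan,
                    ask: Callable[[str], str] = input,
                    run: Callable[..., object] = subprocess.run) -> bool:
    """Show the preview, demand the exact token, only then execute.
    Returns True if the command ran, False if the user aborted."""
    token = plan.confirmation_token()
    answer = ask(f"{plan.preview()}\nType exactly {token!r} to publish "
                 "(anything else aborts): ")
    if answer.strip() != token:
        return False
    run(plan.argv(), check=True)
    return True


if __name__ == "__main__":
    # Constructed sample values; the URL and paths are placeholders.
    demo = PublishPlan(action="reply", text="Thanks for the write-up!",
                       account="@example",
                       target="https://www.threads.net/@example/post/ABC123",
                       chrome_profile_dir="/home/me/.config/threads-profile")
    # Dry run: print the argv instead of executing the real CLI.
    confirm_and_run(demo, run=lambda argv, check: print("would run:", shlex.join(argv)))
```

The token deliberately embeds the action and the account label, so a bare "yes" or a stale confirmation copied from a previous turn does not publish; the `run` hook defaults to `subprocess.run` but can be replaced with a dry-run printer, as in the demo, to rehearse an agent workflow without touching the account.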

What this means

The npm package itself, not the skill bundle, performs the Threads session/profile access, so its behavior and any future updates are outside this artifact review.

Why it was flagged

The skill depends on a globally installed npm CLI that is not included in the reviewed artifacts. This is central to the stated purpose, but the installed package is unpinned and not reviewed here.

Skill content

`npm install -g yarn-threads-cli`

Recommendation

Verify the npm package and its source repository before installing, pin an exact version rather than the latest tag, and consider installing it into an isolated environment (for example a separate prefix or a container) rather than globally.
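The checks behind that recommendation can be scripted before anything is installed. The following is an added example, not code from the skill bundle or the yarn-threads-cli project. `SAMPLE_METADATA` is a constructed stand-in for the JSON that `npm view <pkg>@<version> --json` prints; the package name `example-cli`, the repository URL, the integrity value and the prefix path are placeholders, and a real review must read these fields from the registry.

```python
"""Pre-install checks for an npm CLI a skill expects to be globally installed.

Added example, not code from the skill bundle or the yarn-threads-cli project.
SAMPLE_METADATA is a constructed stand-in for the JSON that
`npm view <pkg>@<version> --json` prints; the real package's integrity hash,
repository and scripts must come from the registry.  The package name
`example-cli`, the prefix path and the hash value are placeholders.
"""
import json
import re
from typing import Any, Dict, List

# Exact versions only: 1.4.2 or 1.4.2-rc.1, never ^, ~, ranges or dist-tags.
EXACT_SEMVER = re.compile(r"^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?$")
# Hooks npm runs automatically during installation; a review must read them.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

SAMPLE_METADATA: Dict[str, Any] = json.loads("""
{
  "name": "example-cli",
  "version": "1.4.2",
  "repository": {"type": "git", "url": "git+https://example.invalid/org/example-cli.git"},
  "scripts": {"test": "node test.js", "postinstall": "node scripts/setup.js"},
  "dist": {"integrity": "sha512-PLACEHOLDERnotARealHash==",
           "tarball": "https://example.invalid/example-cli-1.4.2.tgz"}
}
""")


def is_pinned(spec: str) -> bool:
    """True for `pkg@1.4.2` or `@scope/pkg@1.4.2`; False for bare names,
    dist-tags such as `latest`, and ranges such as `^1.4.2`."""
    name, sep, version = spec.rpartition("@")
    if not sep or not name:  # no version at all, or a scoped name without one
        return False
    return bool(EXACT_SEMVER.match(version))


def review_metadata(meta: Dict[str, Any]) -> List[str]:
    """Return the review problems found; an empty list means nothing blocked."""
    problems: List[str] = []
    integrity = meta.get("dist", {}).get("integrity", "")
    if not integrity.startswith("sha512-"):
        problems.append("dist.integrity is missing or not sha512")
    repo = meta.get("repository")
    repo_url = repo.get("url") if isinstance(repo, dict) else repo
    if not repo_url:
        problems.append("no source repository declared")
    hooks = [h for h in INSTALL_HOOKS if h in meta.get("scripts", {})]
    if hooks:
        problems.append("install-time scripts present: " + ", ".join(hooks))
    if meta.get("deprecated"):
        problems.append("package is deprecated: " + str(meta["deprecated"]))
    return problems


def install_command(spec: str, prefix: str) -> List[str]:
    """Install a pinned spec into its own prefix (binaries end up under
    <prefix>/node_modules/.bin) without running lifecycle scripts."""
    if not is_pinned(spec):
        raise ValueError(f"refusing unpinned spec {spec!r}")
    return ["npm", "install", "--prefix", prefix, "--ignore-scripts", spec]


if __name__ == "__main__":
    spec = f"{SAMPLE_METADATA['name']}@{SAMPLE_METADATA['version']}"
    for problem in review_metadata(SAMPLE_METADATA):
        print("review:", problem)
    print(" ".join(install_command(spec, "/opt/example-cli")))
```

Installing with `--prefix` instead of `-g` keeps the package and its dependencies in one directory you can delete or audit as a unit, and `--ignore-scripts` stops `postinstall`-style hooks from executing during installation. The trade-off is that a package which genuinely needs a build step will not work under `--ignore-scripts`; when the review lists such a script, read it and decide deliberately rather than turning the flag off by default.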