bluesky-skill
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its Bluesky account-management purpose, but it uses a persistent global session token and a documented runner path that is not present in the reviewed package, so it should be reviewed before use.
Before installing, confirm the exact executable path, use a limited Bluesky app password, avoid enabling DM access unless needed, require approval for account-mutating actions, and delete ~/.bsky_session.json when switching accounts or revoking access.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could keep acting through a cached Bluesky session, including potentially the wrong account after a handle change, and the cached token may preserve account or DM access until removed.
The code uses a single home-directory session cache and accepts that cached session before doing a fresh login with BLUESKY_HANDLE. The cache is not visibly scoped to or verified against the configured handle.
SESSION_FILE = Path.home() / ".bsky_session.json" ... client.login(session_string=data["session_string"]) ... return client ... client.login(handle, password)
Store sessions per handle, verify the logged-in account matches BLUESKY_HANDLE before any mutating command, use restrictive file permissions, and clearly tell users to delete or revoke the cache when switching accounts.
If a different ./bsky exists in the project root, the agent may execute code outside the reviewed skill package while Bluesky credentials are available.
The reviewed manifest lists SKILL.md and scripts/bsky.py, but not a ./bsky executable. Following this relative project-root command could fail or run an unreviewed local executable named bsky.
Operate a Bluesky social media account via `./bsky <command> [args]`. All output is JSON. Run from the project root.
Include a reviewed ./bsky wrapper in the package or change the instructions to run the packaged script directly, such as python3 scripts/bsky.py, from a known trusted path.
An agent using this skill can change the user's Bluesky account state, publish content, send DMs, and change moderation relationships.
These are high-impact account actions, including public posting and private messaging, but they are disclosed and central to the skill's stated purpose.
Manage a Bluesky (bsky) account — posting, replies, likes, reposts, follows, blocks, mutes, search, timeline, threads, notifications, DMs, and profile updates
Use this skill only with explicit user intent, and require confirmation before post, delete, DM, follow, block, mute, or profile-update commands.
