Clawbsky
Pass. Audited by ClawScan on May 10, 2026.
Overview
Clawbsky is a disclosed Bluesky automation CLI, but it can use your app password to post, follow/unfollow, moderate, and upload selected media, so actions should be invoked deliberately.
This skill appears coherent for managing a Bluesky account. Before installing, understand that it can take real public account actions, including posting, replying, following, unfollowing, blocking, muting, and uploading media. Use a revocable Bluesky app password, review commands before running them, and prefer dry-run for batch follow/unfollow operations.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked, the skill can automatically follow or unfollow Bluesky accounts and perform other public account actions.
The skill exposes batch social-account mutation commands. This is disclosed and purpose-aligned, but following/unfollowing can affect the user's account reputation and relationships.
clawbsky unfollow-non-mutuals -n 50   # Unfollow top 50 non-mutuals
clawbsky follow-all "Query" -n 20     # Auto-follow users matching a topic
Use dry-run where available, keep batch sizes small, and only allow these commands when you explicitly want the account changes.
Anyone who can run the skill with these environment variables can act on the configured Bluesky account.
The CLI authenticates to Bluesky using an app password from environment variables. This is expected for the integration, but it gives the tool account-level authority.
const handle = process.env.BLUESKY_HANDLE;
const password = process.env.BLUESKY_APP_PASSWORD;
...
await agent.login({ identifier: handle, password });
Use a Bluesky app password rather than your main password, store it securely, and revoke it from Bluesky settings if you stop using the skill or suspect exposure.
Installing later may pull newer compatible package versions than the reviewer saw.
The documented npm install will resolve dependency ranges, and the supplied manifest does not show a lockfile. This is common for Node CLIs but leaves some dependency provenance to npm resolution.
"dependencies": {
"@atproto/api": "^0.13.22",
"dotenv": "^16.4.7",
"fluent-ffmpeg": "^2.1.3",
"tsx": "^4.19.2"
}
Install from a trusted source, review dependency changes if possible, and prefer a lockfile or pinned versions for reproducible installs.
Files you pass as media arguments may be uploaded to Bluesky services and become part of a post.
The skill reads user-specified media files and uploads them to Bluesky or the Bluesky video service. This is disclosed media-posting behavior, not broad local file collection.
const fileBytes = fs.readFileSync(validatedPath);
...
const response = await agent.uploadBlob(fileBytes, { encoding: mime });
Only provide media files you intend to upload or publish, and avoid passing private files by mistake.
