X Manual Surf Notes (Manual Post-Browsing Notes)

v1.0.0

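Manually drives the browser to browse the For You feed on the X home page, opens posts, extracts their content and translates it into Chinese, and after deduplication appends notes organized by time, content, link, and comments.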

by Kai Ma (@kaima2022)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The described purpose (manual browser-driven X/Twitter note-taking via the Chrome Extension Relay) matches the instructions to use the browser tool, scroll, open tweets, translate to Chinese, dedupe and append notes. However the skill hardcodes an output file path (/home/makai/.openclaw/workspace/projects/x-ai-surf/x-ai-notes.md) and does not declare any required config path or permission for writing/reading that file—this is a mismatch and surprising. Also deduplication across batches implies the skill must read previously-written notes, but that read is not declared.
! Instruction Scope
SKILL.md instructs the agent to control a logged-in Chrome profile, navigate to https://x.com/home, scroll, click into tweet details, expand content, extract author/time/text, translate/summarize, dedupe, and append a markdown block. These actions are generally within the stated purpose, but the instructions implicitly require reading existing notes to enforce cross-batch dedupe and explicitly write to a specific local path. The skill does not state how duplicates are detected (reading the file, maintaining an index, etc.), nor does it ask for or declare permission to access that path.
Install Mechanism
No install script or third-party downloads: the skill is instruction-only and injects no new binaries. This lowers supply-chain risk. The main runtime actions rely on the platform 'browser' tool (Chrome Extension Relay) rather than installing code on disk.
! Credentials
The skill requests no environment variables or credentials, which is appropriate. But it requires use of the user's Chrome profile via the Extension Relay (cookies/session access to X) and writes to a hardcoded home-directory path. Access to a browser profile/session and the ability to read/write a local file are sensitive capabilities that should be explicitly declared and parameterized. Hardcoding '/home/makai/...' is inappropriate for general use and may indicate sloppy or user-specific packaging.
Persistence & Privilege
The skill is not marked always:true. Model invocation is allowed (platform default), which means an agent could autonomously run this workflow. Given the skill's ability to control the browser and append to a local file, autonomous invocation increases privacy/impact risk — consider requiring explicit user invocation or additional safeguards. The skill does not attempt to modify other skills or system-wide config.
Scan Findings in Context
[none_detected] unexpected: The regex-based scanner found nothing; this is expected because the package is instruction-only (no code files to scan). The security signals must therefore come from the SKILL.md content itself.
What to consider before installing
This skill mostly does what it says (drive your logged-in Chrome, read tweets, summarize to Chinese, and append notes), but there are three things to consider before installing:
1) The output path is hardcoded to /home/makai/..., which is user-specific and not declared. Ask the author to make the path configurable and declare it in the skill metadata (required config path).
2) Deduplication across batches implies the skill will read existing notes; confirm exactly how it checks for duplicates and that the skill requests explicit permission to read that file.
3) The skill requires access to your Chrome profile/session (cookies) via the Extension Relay; only enable the extension when you intend to run the skill and ensure you trust the runtime environment.
If you need higher assurance, request an updated skill package that (a) parameterizes the file path, (b) declares required config paths/permissions, and (c) documents the exact read/write/dedupe behavior; consider requiring manual (user-invoked) runs rather than autonomous invocation.

Like a lobster shell, security has layers — review code before you run it.
