Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

📰 ZeeLin Report-to-X AutoPost

v1.5.0

Automatically picks the latest unposted report from a report website or JSON feed, drafts an English X/Twitter post summarizing the report, publishes it via...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
View report →
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md promises flexible data-source handling (reports_config.json, RSS, JSON, SPA JS) and to reuse an existing web-posting script; the included Python only scrapes one hard-coded REPORT_SITE and does not implement flexible source discovery. It also hard-codes a path to another skill's tweet.sh, which is not declared as a dependency.
Instruction Scope
The runtime instructions and SKILL.md describe safe-to-follow steps, but the shipped code executes an external script at a fixed path (~/.openclaw/workspace/skills/zeelin-twitter-web-autopost/scripts/tweet.sh). Invoking that script hands over execution to code outside this skill's manifest and could transmit data or perform actions not described in SKILL.md. The script also writes state to the user's home (~/.openclaw/memory/...), which is expected but worth noting.
Install Mechanism
No install spec and only a small Python script are included; nothing is downloaded or extracted. This lowers install-time risk.
Credentials
The skill requests no env vars, but it accesses and creates files under the user's home (~/.openclaw/...), and it calls a script in another skill's workspace. That cross-skill path access is disproportionate unless the user explicitly expects and trusts the referenced tweet.sh implementation and its use of browser cookies or other credentials.
Persistence & Privilege
The manifest's always flag is false (good), but the skill persists posted IDs to ~/.openclaw/memory/zeelin_last_report.json. More importantly, it invokes a script belonging to a different skill's workspace, which effectively grants that other script runtime privilege from this skill's invocation and can broaden the blast radius unexpectedly.
What to consider before installing
This skill's high-level behavior is reasonable, but before installing you should: (1) inspect the referenced tweet.sh at ~/.openclaw/workspace/skills/zeelin-twitter-web-autopost/scripts/tweet.sh to confirm what it does (it will run with your permissions and may access browser cookies or network); (2) edit the Python script so REPORT_SITE and the tweet script path are configurable (not hard-coded) and so source-selection matches the SKILL.md if you need RSS/JSON support; (3) verify you trust the external report URL and the other skill's code—the skill will run subprocesses and could cause unexpected network or local actions; (4) consider running the script in a safe environment or with a dry-run mode before giving it access to your real X/web session. If you cannot review the external tweet.sh, do not enable this skill.

Like a lobster shell, security has layers — review code before you run it.


Runtime requirements

📰 Clawdis
