zeelin-twitter-x-auto-ops
Warn
Audited by ClawScan on May 18, 2026.
Overview
This skill can use a logged-in browser to automatically publish and promote content on a Twitter/X account, with unclear approval boundaries and unreviewed helper dependencies.
Review carefully before installing. Only use it with an X account you are willing to automate, inspect the external helper scripts it calls, require manual approval before any post/comment/follow action, and be aware that some workflows promote a fixed ZeeLin report URL.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The user's X account could publish generated content automatically, creating public reputation or account-policy consequences.
The script generates a tweet and directly invokes the posting helper without an explicit user confirmation step in this workflow.
# Auto AI tweet generator (non-interactive) ... bash "$POST_SCRIPT" "$TWEET" "https://x.com"
Require an explicit preview and user approval immediately before every post, reply, quote tweet, follow, or comment action.
A logged-in X session may be used with broad account authority, including public posting, without a clearly declared credential boundary.
The skill relies on a browser session/CDP connection to act as the logged-in X user, but the artifacts do not clearly scope which account/session is used or require bounded credentials.
Chrome DevTools automation (CDP port 9222) ... connects directly to port 9222 and sends the tweet through the X compose interface ... stable for unattended operation.
Declare the account/session dependency, restrict the target account, and require user approval before using browser-session authority.
Installing this skill does not fully show what code will run when it posts to X, making the posting behavior hard to audit or contain.
The workflow executes helpers from hardcoded external skill paths that are not included in the provided manifest, including code that performs posting.
BASE_DIR="/Users/youke/.openclaw/workspace/skills/x-auto-growth/scripts"; POST_SCRIPT="/Users/youke/.openclaw/workspace/skills/zeelin-twitter-web-autopost/scripts/tweet.sh"
Include all required helper code in the package or declare pinned, reviewable dependencies and avoid user-specific absolute paths.
If an agent passes untrusted or crafted text as the query argument, it may lead to local command execution beyond simply opening an X search.
A user-controlled query is interpolated directly into Python source inside a heredoc; a crafted query containing quote-breaking syntax could execute unintended Python code.
QUERY=${1:-"follow back AI builders"} ... print(urllib.parse.quote('''$QUERY'''))
Pass query text to Python through argv or environment variables instead of embedding it into generated Python source.
The user's account could automatically promote a specific external site while appearing to run a general AI trend tweet workflow.
The auto-tweet workflow inserts a fixed external report URL into posts and publishes it, which is not clearly surfaced in the registry description as a promotional behavior.
REPORT_URL="https://thu-nmrc.github.io/THU-ZeeLin-Reports/" ... Report:\n${REPORT_URL} ... bash "$POST_SCRIPT" "$TWEET" "https://x.com"
Clearly disclose fixed promotional links and require the user to approve or edit any outbound link before posting.
This is limited persistence, but altering the state file could cause a report to be skipped or reposted.
The script stores a small persistent state value to remember the last posted report title and avoid duplicate posts.
STATE_FILE="$HOME/.openclaw/memory/zeelin_last_report.txt" ... echo "$LATEST_TITLE" > "$STATE_FILE"
Keep the state file scoped to this skill and document how users can inspect, reset, or delete it.
