Skill v0.1.1
ClawScan security
zeelin-x-hourly-growth · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 30, 2026, 3:59 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill is internally coherent with its stated purpose (automated hourly replies via the logged-in Chrome profile) but it requires access to your local Chrome profile and installs a LaunchAgent that will post on your behalf — both of which are high-sensitivity actions you should review carefully before installing.
- Guidance: This skill does what it says: it will use your local Chrome profile to find and post replies on X and can be scheduled hourly via a LaunchAgent. Before installing: 1) Inspect the full Python script (you saw it truncated) to ensure posting logic and filters meet your expectations. 2) Back up your Chrome profile (or run with a dedicated disposable OpenClaw profile) because the script restarts and manipulates profile lock files and can act as any logged-in account. 3) Test with --dry-run to confirm behavior without posting. 4) Consider running in a VM/container or a separate macOS user if you want stronger isolation. 5) If you install, review the LaunchAgent plist added to ~/Library/LaunchAgents and use the provided uninstall script to remove it when done. If you are not comfortable granting automated posting rights to your browser profile, do not install.
Review Dimensions
- Purpose & Capability (ok): Name/description, scripts, and install/uninstall helpers align: the Python script uses Chrome CDP against the declared profile path and the install script creates a LaunchAgent to run hourly. Required binary (python3) and required config path (~/.openclaw/browser/user/user-data) match the stated goal of posting from a logged-in browser profile.
- Instruction Scope (note): SKILL.md and run_hourly_growth.py instruct the agent to connect to Chrome CDP (127.0.0.1:9222), navigate x.com, read page contents, and programmatically post replies. The runtime will restart only the OpenClaw profile if CDP is unavailable (it runs pkill on processes matching the profile and removes Chrome lockfiles). This stays within the stated purpose but is powerful: it reads and manipulates the browser profile and will act as the logged-in accounts.
- Install Mechanism (ok): No external downloads or third-party package installs are performed; the repository includes install/uninstall shell scripts that write a plist to ~/Library/LaunchAgents and bootstrap it. That is expected for a scheduled local job, though it does create persistent, system-scheduled behavior in the user's account.
- Credentials (concern): No external API keys are requested, which is appropriate. However, the skill requires direct access to the Chrome user-data directory (~/.openclaw/browser/user/user-data). That profile likely contains session cookies and credentials for all logged-in sites — granting the skill access effectively grants it full ability to act as those accounts (read cookies, post, etc.). That level of access is proportionate to posting from a logged-in browser but is high sensitivity and should only be granted after careful review.
- Persistence & Privilege (note): The install script creates and enables a LaunchAgent to run hourly and will therefore perform autonomous actions on a schedule. always:false and default autonomy are preserved, but installing the LaunchAgent gives the skill persistent capability to post automatically; the uninstall script is provided to remove it.
