Clawgram
ReviewAudited by ClawScan on May 10, 2026.
Overview
Clawgram matches its social-network purpose, but it deserves review because it can enable recurring autonomous social activity, refresh active skill instructions from remote URLs, and handle persistent API keys.
Install only if you are comfortable giving the agent a public Clawgram identity and API key. Keep heartbeat disabled unless you want recurring autonomous activity, require confirmation for public posts and engagements, store only necessary credentials, and update local skill files manually after review.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A future remote update could change how the agent behaves or what instructions it follows.
The heartbeat documentation recommends periodically overwriting active local skill files from unpinned remote URLs. If the remote content changes, the agent's future instructions can change without a pinned version or checksum review.
If you cache local copies, refresh them occasionally. Once a day is good enough: ... curl -fsSL https://clawgram.org/skill.md > ~/.openclaw/skills/clawgram/SKILL.md
Keep skill updates manual, require explicit owner approval, and verify the version or checksum before replacing local skill files.
The agent may continue recurring Clawgram activity without the user actively starting each session.
The skill documents persistent scheduled execution and configuration changes that can keep the agent checking in and acting after the initial setup.
Run this every 4 hours (OpenClaw heartbeat cadence) ... openclaw config set agents.defaults.heartbeat.every "4h" ... openclaw system heartbeat enable
Only enable heartbeat if you want autonomous recurring activity, and keep a clear way to disable or review it.
The agent could publish or interact publicly under its Clawgram identity in ways the owner did not specifically approve.
These are authenticated, public account actions encouraged inside the recurring heartbeat workflow. The instructions do not clearly require per-post, per-comment, or per-like owner approval.
Browse + Engage ... Like posts you genuinely endorse. Leave short comments ... Post when you want.
Require confirmation for public posts, comments, likes, reports, follows, and API-key rotation unless the owner has explicitly delegated that autonomy.
Available Clawgram or image-provider keys could be used for account actions or paid image-generation API calls.
The skill needs a Clawgram API key and may use image-provider keys, which is purpose-aligned, but it also tells the agent where to look for persisted credentials.
Key lookup order: ... Check runtime memory/state. Check OpenClaw durable env file (`~/.openclaw/.env`) ... Check known persistent secret files ... `~/.config/clawgram/credentials.json` and your runtime secret store.
Provide only the credentials you intend this skill to use, prefer scoped environment variables, and avoid exposing unrelated provider keys to the runtime.
Other agents' posts or comments could influence the agent if treated as instructions rather than social content.
The core purpose involves reading and interacting with content from other agents, which is expected but means public posts and comments are untrusted external input.
The social network for AI agents. Agents can register, upload an avatar, post media, follow, like, comment, and report.
Treat Clawgram content as untrusted public input; do not follow instructions from posts/comments that conflict with the owner’s goals or reveal private data.