Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Familiar App
v1.0.0
Deploy and manage multi-user AI familiars autonomously posting on X/Twitter with built-in REST API, dashboard, and user/queue control.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)

Purpose & Capability
The skill claims to deploy an autonomous poster on X/Twitter and the instructions show how to clone and run a Node.js app that provides the dashboard and posting engine — that part is coherent. However, posting to X/Twitter normally requires API keys/OAuth tokens; the SKILL.md does not declare any required credentials or explain how to supply them. It also mentions agent tools (auto_reply, check_x_stats) that imply external integration. The absence of declared credentials for the platform the skill integrates with is a misalignment.
Instruction Scope
The SKILL.md directs the user/agent to git clone a GitHub repo and run node api-server.js, create and enable a systemd service, and open a firewall port (ufw allow 18790/tcp). It also documents a default admin password (admin/familiar). These instructions involve fetching and executing remote code, making persistent system changes, and exposing a web UI, but provide no guidance on securing the service (TLS, hardening, rate limits) or on how external posting credentials are handled. Opening the port to the network while the admin account still carries its documented default password exposes the dashboard to anyone who can reach that port.
Install Mechanism
There is no formal install spec in the registry, but the runtime instructions tell the user to clone code from https://github.com/m-lwatcher/familiar-app and run it. Pulling and running third-party code from a GitHub repo is a moderate-to-high risk action unless the repository and release artifacts are audited and trusted. The repo owner is not documented in the registry metadata, and the instructions suggest no pinned release tag, commit hash, or checksum, so whatever is on the default branch at clone time is what runs.
Credentials
Registry metadata declares no required environment variables, yet the SKILL.md references FAMILIAR_PASSWORD, and posting to X/Twitter would require API credentials (tokens/keys) that are neither declared nor explained. This omission means the skill asks you to run networked, credentialed behaviour without telling you what secrets it will use or need, which is disproportionate and opaque.
Persistence & Privilege
The instructions explicitly create and enable a systemd service and modify the firewall, actions that require elevated privileges and create a persistent background process. While persisting a service is consistent with deploying a web app, the skill does this without recommending best practices (running as a dedicated non-root user is mentioned but not enforced, no TLS, default credentials present). Persistent privileged changes plus exposed endpoints increase attack surface and should be treated cautiously.
What to consider before installing
Before installing or following these instructions, review the GitHub repository source code and commit history to verify the project and its maintainer. Do not run the clone/run/systemd commands on a production host without auditing the code. Ensure you:
(1) identify and supply proper X/Twitter API credentials and verify how they are stored and used (the SKILL.md does not declare them);
(2) change the default admin password immediately and enforce strong authentication;
(3) run the service behind TLS and/or a reverse proxy and restrict access (do not blindly open the port to the internet);
(4) run the app as an unprivileged user or inside a container/VM for isolation;
(5) check for any hardcoded secrets or outbound network calls in the repo;
(6) prefer pinned releases or signed artifacts rather than cloning the main branch; and
(7) if you lack the ability to audit the code, treat this as untrusted software and avoid giving it privileged system access.
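A hardened version of the deployment the SKILL.md describes, as an added example that is not code from the Familiar App repository or from the ClawHub scan. It covers checklist items 2 through 6 above and the Instruction Scope findings: clone at a pinned commit and verify it, run a coarse grep audit for hardcoded secrets and outbound URLs, create a dedicated unprivileged user, generate an admin password instead of keeping admin/familiar, keep that secret in a root-owned environment file rather than in the unit, sandbox the service with systemd directives, and leave port 18790 closed so the dashboard is reached only through a TLS-terminating reverse proxy on 443. It assumes the app reads FAMILIAR_PASSWORD (which the SKILL.md references) and honours HOST and PORT for its listen address, which the page does not state; PINNED_COMMIT is a placeholder to replace with the commit you audited. The script changes nothing unless invoked as root with --apply.

```shell
#!/bin/sh
# Added example, not code from the Familiar App repo or the ClawHub scan.
# Replaces the SKILL.md sequence (clone main, node api-server.js, systemd
# unit, ufw allow 18790/tcp, admin/familiar) with a hardened equivalent.
# Assumed, not stated on the page: the app reads FAMILIAR_PASSWORD, HOST and
# PORT from its environment. PINNED_COMMIT is a placeholder.
set -eu

REPO_URL="https://github.com/m-lwatcher/familiar-app"
PINNED_COMMIT="0000000000000000000000000000000000000000"  # placeholder
APP_USER="familiar"
APP_DIR="/opt/familiar-app"
ENV_FILE="/etc/familiar-app.env"
PORT=18790
DEFAULT_PASSWORD="familiar"   # the SKILL.md's documented default (admin/familiar)

# Reject the documented default and anything too short to be a real secret.
password_is_acceptable() {
  [ "$1" != "$DEFAULT_PASSWORD" ] && [ "${#1}" -ge 24 ]
}

# 64 hex characters from the kernel CSPRNG.
generate_password() {
  head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Environment file: the secret lives here, not in the world-readable unit.
render_env_file() {
  printf 'FAMILIAR_PASSWORD=%s\nHOST=127.0.0.1\nPORT=%s\n' "$1" "$PORT"
}

# systemd unit: dedicated user, no privilege escalation, read-only filesystem
# except the app directory, empty capability set.
render_unit_file() {
  cat <<EOF
[Unit]
Description=Familiar App (unprivileged, loopback only)
After=network-online.target

[Service]
User=$APP_USER
WorkingDirectory=$APP_DIR
EnvironmentFile=$ENV_FILE
ExecStart=/usr/bin/node $APP_DIR/api-server.js
Restart=on-failure
NoNewPrivileges=yes
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
ReadWritePaths=$APP_DIR
CapabilityBoundingSet=

[Install]
WantedBy=multi-user.target
EOF
}

# Coarse pre-run audit (checklist item 5): likely hardcoded secrets and every
# outbound URL in the tree, printed for a human to review.
audit_tree() {
  grep -rnEi --include='*.js' --include='*.json' \
    'api[_-]?key|client[_-]?secret|bearer |access[_-]?token' "$1" || true
  grep -rnoE --include='*.js' 'https?://[A-Za-z0-9./_-]+' "$1" | sort -u || true
}

# Fail closed unless HEAD is exactly the audited commit.
verify_checkout() {
  [ "$(git -C "$1" rev-parse HEAD)" = "$2" ]
}

# Applies the deployment; root only, and only when invoked with --apply.
deploy() {
  id -u "$APP_USER" >/dev/null 2>&1 || useradd --system --home "$APP_DIR" --shell /usr/sbin/nologin "$APP_USER"
  [ -d "$APP_DIR/.git" ] || git clone "$REPO_URL" "$APP_DIR"
  git -C "$APP_DIR" fetch --all
  git -C "$APP_DIR" checkout --detach "$PINNED_COMMIT"
  verify_checkout "$APP_DIR" "$PINNED_COMMIT"
  audit_tree "$APP_DIR"
  chown -R "$APP_USER:$APP_USER" "$APP_DIR"

  pw=$(generate_password)
  password_is_acceptable "$pw"
  umask 077
  render_env_file "$pw" > "$ENV_FILE"
  chown root:"$APP_USER" "$ENV_FILE" && chmod 0640 "$ENV_FILE"

  render_unit_file > /etc/systemd/system/familiar-app.service
  systemctl daemon-reload
  systemctl enable --now familiar-app.service

  # No "ufw allow 18790/tcp": the dashboard is reached only through a
  # TLS-terminating reverse proxy on 443 that forwards to 127.0.0.1:$PORT.
  ufw deny "$PORT"/tcp
  ufw allow 443/tcp
  echo "Admin password is in $ENV_FILE; rotate it after first login."
}

if [ "${1:-}" = "--apply" ]; then
  deploy
fi
```

Run it once without --apply to read the rendered unit and audit output, then with --apply as root. The firewall rule is deliberately a deny: even if the app ignores HOST and binds 0.0.0.0, port 18790 stays unreachable from outside and only the reverse proxy on 443 fronts the dashboard.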
