Familiar App
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill is transparent about deploying an autonomous X/Twitter posting app, but it documents a persistent network-exposed admin service with default credentials and public posting controls.
Only install this if you intentionally want to run an autonomous social-posting service. Before deployment, inspect and pin the GitHub code, set a strong FAMILIAR_PASSWORD, restrict or proxy the dashboard instead of exposing port 18790 directly, define posting limits and approval rules, and know how to stop the systemd service.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the dashboard/API is reachable by unintended users, they may be able to manage users or queue public posts from connected accounts.
The VPS instructions open the app's management port to any source (the documented `ufw allow` rule has no source restriction), and the documented API can queue public social posts; the docs do not require network restriction, TLS, or review before exposing it.
sudo ufw allow 18790/tcp ... POST | `/api/users/:id/tweet` | Queue a tweet `{text}`
Do not expose port 18790 directly. Bind to localhost or a VPN, put a reverse proxy with TLS in front, restrict firewall sources, and require explicit review before posting.
Leaving the default password in place could let anyone who reaches the service use the administrative interface.
The skill discloses a default admin credential for a multi-user dashboard; this is expected setup information, but it is sensitive because the dashboard controls users and queues.
Dashboard at http://localhost:18790 login: admin / familiar ... Default: `admin` / `familiar` — set `FAMILIAR_PASSWORD` env to change.
Set a strong unique FAMILIAR_PASSWORD before starting the service or opening any firewall rule, and prefer per-user or scoped administrative access if available.
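As an added example (not code from the familiar-app project or from this review), a POSIX shell script that produces the hardened pieces the two findings above call for: a generated FAMILIAR_PASSWORD stored in a mode-600 env file, a systemd drop-in that loads it and sandboxes the service, an nginx TLS reverse proxy that forwards only to the loopback port and only for an allowed source range, and ufw rules that deny 18790/tcp while allowing 443 from that range. The unit name `familiar`, the paths `/etc/familiar/familiar.env` and `/opt/familiar-app`, the host name and the CIDR are assumptions; the app's own bind address is not documented here, which is why the firewall deny and the proxy do the restricting rather than a bind flag.

```sh
#!/bin/sh
# Added example, not from the familiar-app project: generate a strong
# FAMILIAR_PASSWORD, keep it in a root-only env file, and render the systemd
# drop-in, nginx proxy and ufw rules that keep port 18790 off the public
# interface. Unit name, paths, host name and CIDR are assumptions.

# 32 random alphanumerics from /dev/urandom; never the documented default.
gen_password() {
    LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 32
    echo
}

# Reject the default "familiar", an empty value, or anything under 16 chars.
password_is_acceptable() {
    [ -n "$1" ] && [ "$1" != "familiar" ] && [ ${#1} -ge 16 ]
}

# Write FAMILIAR_PASSWORD to an env file readable only by its owner (0600),
# so the secret lives in neither the unit file nor the shell history.
write_env_file() {
    ( umask 077; printf 'FAMILIAR_PASSWORD=%s\n' "$2" >"$1" )
    chmod 600 "$1"
}

# systemd drop-in for /etc/systemd/system/familiar.service.d/override.conf:
# load the secret from the env file and confine writes to the app directory.
# Apply with `systemctl daemon-reload`; stop with `systemctl disable --now familiar`.
render_dropin() {
    printf '[Service]\nEnvironmentFile=%s\nNoNewPrivileges=true\n' "$1"
    printf 'ProtectSystem=strict\nReadWritePaths=%s\n' "$2"
}

# nginx: TLS in front, only the allowed range admitted, upstream is loopback
# so the dashboard is reached through the proxy and never directly.
render_nginx_proxy() {
    host=$1; cidr=$2
    cat <<EOF
server {
    listen 443 ssl;
    server_name $host;
    ssl_certificate     /etc/ssl/certs/$host.pem;
    ssl_certificate_key /etc/ssl/private/$host.key;
    allow $cidr;
    deny all;
    location / {
        proxy_pass http://127.0.0.1:18790;
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-For \$remote_addr;
    }
}
EOF
}

# Replace the docs' unrestricted `ufw allow 18790/tcp` with an explicit deny on
# the app port and source-restricted HTTPS. Rendered to a file for review.
render_firewall_rules() {
    printf 'ufw deny 18790/tcp\nufw allow from %s to any port 443 proto tcp\n' "$1"
}

# Stage every artifact under one directory for review before installing.
stage_deployment() {
    stage=$1; appdir=$2; host=$3; cidr=$4
    mkdir -p "$stage"
    pw=$(gen_password)
    password_is_acceptable "$pw" || return 1
    write_env_file "$stage/familiar.env" "$pw"
    render_dropin /etc/familiar/familiar.env "$appdir" >"$stage/override.conf"
    render_nginx_proxy "$host" "$cidr" >"$stage/familiar.nginx.conf"
    render_firewall_rules "$cidr" >"$stage/firewall.sh"
}

# Usage: stage_deployment /tmp/familiar-stage /opt/familiar-app familiar.example.com 10.0.0.0/8
```

Run the staging step as an unprivileged user, review the four files, then copy the env file to `/etc/familiar/familiar.env` (keeping mode 600, owned by root), install the drop-in and nginx config, and only then apply `firewall.sh` as root. The order matters: the firewall should never be opened before the password has been changed and the drop-in is in place.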
A familiar could keep running and posting after the initial deployment unless the user actively stops or reconfigures it.
The app is designed for autonomous operation and the service configuration keeps it running persistently, but the docs do not include clear stop, disable, approval, or monitoring safeguards.
lets AI familiars run autonomously on X/Twitter ... core/user-daemon.js — Per-user background loop ... Restart=always
Use explicit start/stop procedures, monitor queues and logs, set conservative posting limits, and document how to disable the systemd service.
The code that actually runs the service may change over time or contain behavior not visible in this skill review.
The skill directs users to clone and run external code without a pinned commit or integrity check; this is normal for a deploy guide, but the reviewed artifact set does not include that code.
git clone https://github.com/m-lwatcher/familiar-app.git ... node api-server.js
Inspect the repository, pin a trusted commit, run it with least privilege, and avoid deploying updates automatically without review.
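As an added example (not the project's own tooling), a POSIX shell routine that clones the repository at one reviewed commit and fails closed unless the checkout matches a full 40-hex SHA, so a moved tag or branch cannot silently change what runs. The repository URL is the one quoted above; the destination path is an assumption and the pin is whatever commit the operator has actually inspected.

```sh
#!/bin/sh
# Added example, not from the familiar-app project: clone at one reviewed
# commit and refuse to proceed if the working tree is not exactly that commit.
# Destination path is an assumption; the pin is supplied after code review.

# A pin must be a full 40-hex SHA-1: tags and branches move, short SHAs collide.
is_full_sha() {
    printf '%s' "$1" | grep -Eq '^[0-9a-f]{40}$'
}

# Confirm the working tree sits exactly at the pinned commit.
verify_pinned() {
    dest=$1; sha=$2
    head=$(git -C "$dest" rev-parse HEAD) || return 1
    [ "$head" = "$sha" ]
}

# Clone, detach at the pin (clone itself cannot take a commit), then verify
# before anything else (npm install, node api-server.js) touches the tree.
clone_pinned() {
    repo=$1; dest=$2; sha=$3
    is_full_sha "$sha" || { echo "refusing non-full SHA pin: $sha" >&2; return 1; }
    git clone --quiet "$repo" "$dest" || return 1
    git -C "$dest" checkout --quiet --detach "$sha" || return 1
    verify_pinned "$dest" "$sha"
}

# Before moving the pin: fetch, read the delta, then re-run clone_pinned
# (or checkout --detach) with the new SHA. Never deploy from a branch name.
show_update_delta() {
    dest=$1; old=$2; new=$3
    git -C "$dest" fetch --quiet origin || return 1
    git -C "$dest" diff --stat "$old" "$new"
}

# Usage:
#   clone_pinned https://github.com/m-lwatcher/familiar-app.git /opt/familiar-app <reviewed-sha>
#   show_update_delta /opt/familiar-app <reviewed-sha> <candidate-sha>
```

Pair this with a service user that owns nothing outside the app directory, and re-run `verify_pinned` from a deploy check before each service start: a mismatch means someone or something changed the tree since review.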
Stored persona or queue data may persist across runs and affect future posts; logs may also contain user or account information.
The app stores persistent per-user data, queues, logs, and persona files that can influence future autonomous behavior.
users/<id>/ — Per-user data, queues, logs, soul.md ... Each user has a `soul.md` defining their persona
Protect the users directory, avoid storing secrets in persona files or queues, review changes to soul.md, and define retention/backup practices.
