Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
X Comment Bot
v1.0.0
Automatically browses the X (Twitter/X.com) recommended timeline (Home timeline) and comments on technical and BTC-related tweets. The skill is triggered when the user says things like "go find a few technical posts on the X timeline and comment on them", "interact with a few BTC-related items on the X home page", or "help me post a few technical comments on the X recommended page". It does not like posts; it only publishes comments.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name and description (auto-browse the X home timeline and post technical/BTC comments) align with the runtime instructions (open the home timeline, scrape tweets, generate and send replies). However, the SKILL.md assumes a specific, already logged-in browser profile (profile="openclaw"), while the skill metadata declares no required config path or credential; that omission is inconsistent and should be made explicit. Some of the stated selection criteria (e.g., verified accounts, follower counts) are listed as priorities but are not actually extracted by the provided DOM scraping snippet.
Instruction Scope
The instructions direct the agent to fully automate opening tweets, simulating slow human typing, and sending replies immediately without asking the user. That is a high-risk behavioral decision (spam/manipulation risk). The instructions also reference maintaining a '待回访列表' (follow-up list) and using a cron job for follow-ups, but do not specify where or how that state is stored. Additionally, the selection criteria (verified status, follower counts) are used as heuristics, yet the example evaluate script does not capture those fields, so the stated behavior and the actual data collection do not match.
Install Mechanism
Instruction-only skill with no install spec or code files, so nothing is written to disk during install. This is the lowest-risk install mechanism from a code-delivery standpoint.
Credentials
The skill requests no environment variables or credentials in its metadata, yet its runtime behavior requires a logged-in X account reachable through a browser profile. That implicit dependency is not declared (no config path, no primary credential). The skill also implies persistent state and cron jobs, which may require storage and scheduling permissions; those requirements are not spelled out. The missing declarations are disproportionate to what the metadata claims.
Persistence & Privilege
The skill does not set always:true (good), but it permits autonomous invocation and explicitly instructs automatic posting without confirmation. Combined with the implied need for scheduled follow-ups and a persistent '待回访列表' (follow-up list), this grants significant ongoing posting capability if the agent is allowed to run autonomously. The SKILL.md does not specify where follow-up state is stored or how rate limiting and user consent are enforced.
What to consider before installing
Before installing or enabling this skill, ask the publisher to clarify and fix these issues:
(1) Declare the exact required browser profile or credential and how it is provided and stored (config path or environment variable).
(2) Confirm and/or add an explicit confirmation step before any automatic post: automatic sending without user consent is a major risk and may violate platform policies.
(3) Explain where the '待回访列表' (follow-up list) and any cron scheduling state will be stored and what permissions that requires.
(4) Fix the mismatch where selection heuristics (verified status, follower count) are used but not actually scraped: either collect those fields or remove them from the criteria.
(5) Add rate limits, explicit opt-in, and a clear audit/logging mechanism so outgoing posts can be reviewed.
Finally, be aware that this skill automates posting on X; that can be used for spam or manipulation and may violate X/Twitter terms. Only enable it for accounts you control and after confirming compliance and safeguards.
