Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Social Bot

v1.0.0

Reddit & X/Twitter auto-reply bot for ecommerce/SaaS growth. Finds relevant posts about AI customer service, Amazon FBA, Shopify — posts genuine AI-generated...

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The code and SKILL.md align with the declared purpose: automated replies on Reddit and X via browser automation and Claude (Anthropic). However the package/registry metadata claims no required env vars or install steps while SKILL.md and code require ANTHROPIC_API_KEY, the browse CLI, and provide install scripts—this metadata mismatch is an incoherence the user should notice.
Instruction Scope
Runtime instructions and code perform broad actions: control a local Chrome session via the browse CLI (including logging in via Google OAuth), scrape pages, post comments/replies, and send post content/snippets to Anthropic. These actions are consistent with the stated purpose but have broader scope than a simple 'reply helper' (e.g., account warmup, LaunchAgent scheduling, a dashboard web server). The SKILL.md also instructs running a remote install script (curl | bash), which gives whatever that script contains arbitrary control at install time.
Install Mechanism
No formal install spec in registry, but SKILL.md tells users to run `curl .../install.sh | bash` from raw.githubusercontent.com. The repository includes install.sh/setup.sh and a macOS LaunchAgent registration step. Executing a remote install script (pipe-to-shell) is high-risk—inspect the script before running and prefer manual install steps or running in an isolated environment.
Credentials
The code only requires an ANTHROPIC_API_KEY (as used by bot/ai_engine.py) which is proportional to its use of Claude. However registry metadata did not declare this env var; the SKILL.md does. Also the browse CLI will use a real browser session (cookies, logged-in accounts) which gives the skill access to any accounts signed in to that browser profile—this is sensitive and should be isolated.
Persistence & Privilege
Although always:false, the install instructions advertise registering a macOS LaunchAgent to run daily and start a local dashboard (Flask). That creates persistent scheduled execution and an always-on web endpoint on localhost. This is expected for a bot but is a privilege escalation relative to a purely ephemeral skill install—inspect install.sh and be comfortable with background scheduled tasks before proceeding.
What to consider before installing
Key things to consider before installing:
1. Do NOT run the one-line `curl | bash` blindly — review install.sh and setup.sh contents first.
2. This tool requires your ANTHROPIC_API_KEY and will send scraped post content/snippets to Anthropic for reply generation; ensure you are comfortable with that data leaving your machine.
3. The bot controls a real browser session via the browse CLI; run it in a dedicated browser profile or VM so other logged-in accounts/cookies aren't accessible.
4. The installer may register a scheduled job and run a local web dashboard—check and approve those actions manually.
5. Automated posting/warmup can violate Reddit/X policies and risk account suspension; consider the policy and legal/ethical implications.
6. If you want to proceed, audit the GitHub repo and install scripts, run in an isolated environment (VM/container), and limit the Anthropic key's billing/permissions if possible.
