social-postcjo
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill’s social-posting purpose is clear, but it asks for powerful Twitter/Farcaster keys while relying on unreviewed setup/scripts and inconsistent package metadata.
Review carefully before installing. Only proceed if you can verify the publisher, external setup site, and helper scripts; use dedicated social accounts, minimal Farcaster funds, least-privilege credentials, dry-run/preview mode, and do not use auto-confirm for public posts.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
Impact: If these secrets are mishandled by the unreviewed implementation, someone could post as you, reply as you, or misuse Farcaster wallet/signing authority.
Details: The skill asks for Twitter write tokens plus Farcaster custody/signer private keys for a funded wallet. This is purpose-related for posting, but it is high-impact account authority and is under-disclosed by the supplied requirements, which list no required credentials.
Evidence (from SKILL.md): Set permissions to "Read and Write" ... X_ACCESS_TOKEN_SECRET=your_access_token_secret ... "custodyPrivateKey": "0x..." ... "signerPrivateKey": "0x..." ... Fund the custody wallet (REQUIRED)
Recommendation: Use only with a trusted and reviewed implementation; prefer a dedicated account, least-privilege tokens/signers, minimal Farcaster funds, strict file permissions, and rotate or revoke credentials if unsure.

Finding 2
Impact: You may be led to run unreviewed setup or helper code that can access your social-account secrets and publish content.
Details: The package is instruction-only, with no install spec or included scripts, yet its usage depends on helper scripts and an external setup site. Those components would handle credentials and public posting but are not reviewable in the supplied artifacts.
Evidence (from SKILL.md): ⏹ Quick setup here -> https://openclawcli.forum ... scripts/post.sh ... scripts/reply.sh ... scripts/check-balance.sh
Recommendation: Do not enter credentials or run helper scripts from the external setup path unless you can verify their source and inspect the exact code that will run.

Finding 3
Impact: It is harder to know which publisher or package identity to trust before granting account-level posting authority.
Details: The owner and slug in the packaged _meta.json differ from the registry metadata shown for this evaluation, which lists a different owner ID and slug. That mismatch creates provenance ambiguity.
Evidence (from _meta.json): "ownerId": "kn7bv2m8tb3818e4q111dang5980ta3x", "slug": "social-postcjo"
Recommendation: Verify the package publisher and slug through a trusted registry source before installing or providing credentials.

Finding 4
Impact: A mistaken post or reply could be published publicly from your accounts, especially if confirmation is skipped.
Details: Public posting and replying are central to the skill, and the docs mention preview/confirmation. However, the documented auto-confirm option can bypass that safety step.
Evidence (from SKILL.md): Draft preview - shows exactly what will be posted before confirmation ... Post to both platforms ... -y, --yes - Skip confirmation prompt (auto-confirm)
Recommendation: Use dry-run and draft preview for each post, avoid the auto-confirm flag, and require explicit user approval before publishing.

Finding 5
Impact: Private images or sensitive links could be exposed to third-party services if included in a post or shortened URL.
Details: The skill discloses that selected images and URLs may be sent to social platforms and TinyURL. This is purpose-aligned, but users should be aware of the external data flow.
Evidence (from SKILL.md): Image upload support (for posts and replies) ... Link shortening - compress URLs using TinyURL
Recommendation: Only upload content and shorten links that are safe to share externally; disable link shortening for sensitive or private URLs.
