X Auto-Tweet (Browser)
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill does what it advertises—automates X in your logged-in browser—but it can publish public posts on your account through scheduled automation and makes safety/ToS claims that are not fully backed by the code.
Install only if you are comfortable with browser-based automation controlling your logged-in X account. Before enabling cron or full-auto mode, add hard posting limits, require explicit approval for every tweet, review the local queue/history files, and verify platform policy risks yourself. The provided source does not show credential theft or hidden exfiltration, but the account-action risk is real.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the queue is wrong, stale, or auto-filled by an agent, multiple public tweets could be posted from the user's account.
The script uses the logged-in browser to click the X post button and iterates through every item in the approved queue. The code does not show a hard daily limit or a fresh per-tweet confirmation before publishing.
await page.click('[data-testid="tweetButtonInline"]'); ... for (const tweet of queue) { const success = await postTweet(tweet.text); }
Require explicit user confirmation immediately before each post, enforce daily limits in code, and avoid letting cron or agents call posting scripts directly without review.
A user may assume this is policy-safe automation when it could still violate platform rules or put the account at risk.
The skill frames browser automation as API-cost bypass, includes anti-detection guidance, and reassures users about ToS risk. Those claims could lead users to underestimate platform/account consequences.
Automate X posts via browser control - bypass $200/month API costs. ... ## Anti-Detection ... Human-like mouse movements ... You're not violating X ToS any more than using the website normally.
Treat the ToS and account-risk claims as unverified; review X's automation policies yourself and disable anti-detection or full-auto behavior if it is not acceptable.
Anything the automation posts is posted as the logged-in account, and the browser session remains usable across runs.
The skill does not require API keys, but it does rely on the user's authenticated browser session to act as the user's X account.
Requires one-time login ... Session persists across runs ... This uses YOUR browser session
Use a dedicated browser profile/account if possible, keep the session locked down, and log out or close the CDP-enabled browser when not using the skill.
If enabled, the skill can keep generating or posting content on a schedule after the initial setup.
The documentation explicitly supports recurring and optionally fully automatic posting. This is disclosed and purpose-aligned, but it creates persistent autonomous activity on a public account.
Cron job runs every 4 hours ... Post approved tweets automatically ... Phase 3: Full Auto (Optional) ... I post within guidelines you set
Only enable cron/full-auto mode with clear stop conditions, review logs regularly, and keep approval required unless you are comfortable with unattended public posting.
Future installs could pull a different compatible Playwright release than the one originally tested.
The dependency is specified as a semver range rather than an exact pinned version. Playwright is expected for this skill, but installs may resolve to different versions over time.
"dependencies": { "playwright": "^1.40.0" }
Pin dependencies with a lockfile before production use and install only from trusted package registries.
Drafts and posting history remain on disk, and anything placed in the approved queue may later be posted.
The skill persists local posting queues, drafts, and history that can influence future posting actions.
approved-queue.json - Tweets waiting to be posted ... tweet-history.json - All tweets posted via this skill ... pending-approval.json - Tweets awaiting your review
Review and protect the data directory, clear stale queues, and do not share the runtime data files.
