Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Social Draftsmith

v1.2.1

Draft, rewrite, adapt, and publish social media posts with an approval-first workflow across Facebook, X, and Reddit. Use when the user wants to turn an idea...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims Facebook/X/Reddit publishing and includes publisher scripts for those platforms, which is coherent. However, the registry metadata lists no required environment variables or primary credential, even though the scripts require multiple service credentials (FACEBOOK_PAGE_ACCESS_TOKEN, REDDIT_CLIENT_ID/SECRET/USERNAME/PASSWORD/USER_AGENT, TWITTER_* keys/tokens). The gap between claimed capabilities and declared requirements is a substantive mismatch.
Instruction Scope
SKILL.md generally stays on-scope (draft, preview, approval-first, prepare assets, and only publish after explicit approval). It instructs saving usable image files and passing concrete file paths into publishers. However, SKILL.md does not enumerate the runtime credential/environment expectations that the publisher scripts actually read, nor does it call out the default destination path used by prepare_image_asset (/home/pi/.openclaw/workspace/social-assets).
Install Mechanism
There is no install spec (instruction-only), which is low risk in principle. But the repository includes executable Python scripts that the agent will run at runtime, and there is no install-time vetting URL or signed release. That combination (no install spec plus shipped code that performs network/auth operations) means reviewers should inspect the bundled scripts before allowing execution.
Credentials
The code requires multiple sensitive environment variables and credentials (Facebook page ID and page access token; Twitter/X API key/secret and access token/secret; Reddit client ID/secret, username, password, and user agent, plus the optional REDDIT_DEFAULT_SUBREDDIT). Requiring a Reddit username and password (resource-owner password grant) is particularly sensitive. These environment variables are not declared in the registry metadata/requirements, which is disproportionate and increases the risk of accidental credential exposure.
Persistence & Privilege
The skill does not request always:true and does not claim elevated platform privileges. It writes to a local workspace path when preparing assets (creates /home/pi/.openclaw/workspace/social-assets by default), which is expected for an asset workflow but should be noted; there is no evidence it modifies other skills or global agent config.
What to consider before installing
Do not install or run this skill without reviewing it and deciding how you will supply credentials. The packaged scripts will attempt to use the Facebook, X (Twitter), and Reddit APIs and require service credentials, but the registry metadata does not list them. Before using: (1) inspect the included Python scripts yourself (or have someone you trust do so); (2) prefer creating dedicated API/app credentials with limited scopes rather than reusing a personal password for Reddit (the code uses a password grant); (3) confirm where image files will be written (default /home/pi/.openclaw/workspace/social-assets) and whether that path is acceptable; (4) test in a sandbox account/environment first (use the dry-run flags present in the scripts); and (5) if you do not want automated posting, ensure you never provide the credentials or deny the skill permission to run publisher commands. If you want the skill but not network posting, restrict it to drafting-only by never providing the env vars and using dry-run/manual workflows.

Like a lobster shell, security has layers — review code before you run it.


