Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Twitter Automation

v0.1.5

Automate Twitter/X with posting, engagement, and user management via inference.sh CLI. Apps: x/post-tweet, x/post-create (with media), x/post-like, x/post-re...

by Ömer Karışman (@okaris)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and runtime instructions align: the SKILL.md consistently describes using the inference.sh CLI to post, like, retweet, DM, follow, and query X/Twitter. The actions and example commands map to the stated purpose. No unrelated services or credentials are requested in the manifest.
Instruction Scope
The instructions stay within the scope of social automation (install CLI, run infsh app run <app> with JSON inputs). They do instruct 'infsh login' which implies creating/storing authentication tokens via the CLI, but they do not instruct reading arbitrary local files or exfiltrating data. However, the SKILL.md also references other platform apps (image/video generation) which may require their own credentials or external uploads; that increases the attack surface if you follow those workflows.
Install Mechanism
There is no install spec in the registry; instead SKILL.md suggests piping a remote install script (curl -fsSL https://cli.inference.sh | sh) that downloads a binary from dist.inference.sh. That is a high-risk install pattern: it pulls and runs code from a third-party domain rather than a well-known package host. The doc claims SHA-256 checksums are available, but verification is manual and depends on the user trusting the distribution site and TLS chain. This is the main security concern.
Credentials
The registry declares no required environment variables or primary credential, but the runtime requires 'infsh login' (i.e., the CLI will obtain and store auth tokens). That is reasonable for a social media automation tool, but it's not explicit in the manifest—so you should verify what credentials/tokens the CLI requests, where it stores them, and whether it requires OAuth/API keys for X/Twitter or proxies them through inference.sh.
Persistence & Privilege
The skill does not request always:true and has no install spec in the registry that would force persistent system presence. The CLI login will likely store tokens/config in the user's home directory (expected behaviour) but the skill itself doesn't declare system-wide privileges or modify other skills.
What to consider before installing
This skill appears to do what it says (Twitter/X automation via the inference.sh CLI), but take precautions before installing:

1) Do not blindly run curl | sh. Instead, download the installer, inspect the script, and verify the SHA-256 checksums against the checksums.txt over HTTPS.
2) Confirm the legitimacy of inference.sh/dist.inference.sh (who operates them, repo, release signatures) before trusting binaries from that domain.
3) Understand what 'infsh login' does: what credentials it requests, where tokens are stored, and whether the CLI will forward your Twitter/X credentials to a third party.
4) Test with a throwaway or restricted account first, since automated likes/DMs/follows can violate platform TOS and risk account suspension.
5) If you want lower risk, prefer vendor-distributed packages on trusted registries or build from source and verify signatures; request that the skill author include an explicit install spec or vetted package link.

If you need help analyzing the installer script or the CLI's auth flow, provide the script or the relevant docs and I can review them.


latest: vk9780yd7bwfq8cdgrp8aggdbxh81d5gb
