Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Twitter Thread Creation
v0.1.5
Twitter/X thread writing with hook tweets, thread structure, and engagement optimization. Covers tweet formatting, character limits, media attachments, and p...
by Ömer Karışman (@okaris)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (Twitter/X thread creation) align with the actions in SKILL.md: composing tweets, structuring threads, and posting via a CLI. The commands shown (infsh app run x/post-create, html-to-image, agent-browser) are coherent with producing and publishing threads and media.
Instruction Scope
The SKILL.md instructs the agent to: install and run a third‑party CLI (inference.sh), run infsh commands that can post to X, generate images, and take website screenshots. It does not instruct reading local files or env vars, but it does direct network activity and installation of a binary — beyond pure text-generation. It also implies an interactive login step (infsh login) though no credentials are declared in the registry.
Install Mechanism
The skill recommends running curl -fsSL https://cli.inference.sh | sh (remote installer), which downloads binaries from dist.inference.sh. This is a high‑risk install pattern (remote script piped to shell). The domain is not a widely known package host (such as official GitHub releases), and the registry provides no install spec or integrity guarantees beyond pointing to a checksums.txt. This increases supply‑chain risk and the potential for executing arbitrary code on the host.
Credentials
The registry declares no required env vars or credentials, which is internally consistent, but the instructions implicitly require authenticating to inference.sh and (via that tool) granting access to post on X. The skill does not declare or justify where credentials will be stored or which services will be authorized, which is an omission users should be aware of.
Persistence & Privilege
always:false (good). The skill allows autonomous invocation (platform default). Combined with the instruction to install and run a third‑party CLI that can post to X, autonomous invocation increases the blast radius (it could install and post if the agent has permission). The skill itself does not request persistent privileges or modify other skills.
What to consider before installing
This skill appears to do what it says (help craft and post X threads) but it relies on installing and using a third‑party CLI via a curl|sh installer (dist.inference.sh). Before installing or allowing an agent to run it:
1) do not run curl | sh blindly — review the installer script and verify checksums from a trusted channel;
2) understand that you will need to authenticate the CLI to post to your X account — consider using a separate/sandbox account or least‑privilege credentials;
3) prefer manual installation from a verifiable release (and inspect the binary/source) rather than letting an autonomous agent perform the install;
4) if you enable autonomous invocation, restrict the agent’s permissions or disable automatic tool execution so it cannot install software or post without explicit confirmation.
If you want a lower‑risk option, use the writing guidance from the SKILL.md but post manually via the official Twitter/X interface or a vetted, well‑known client.
Like a lobster shell, security has layers — review code before you run it.
