ThreadClaw FastAPI (Queue + Publish)
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill is a coherent instruction-only integration for calling a user’s FastAPI backend to queue or publish Threads posts, but users should notice that it can trigger public posting and uses a backend queue secret.
This appears safe to install as an instruction-only integration if you control and trust the FastAPI backend. Before use, configure the backend URL and queue secret securely, prefer HTTPS, confirm posts before publishing, and avoid sending unnecessary personal metadata.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user’s Threads content could be queued or published through the backend if the agent invokes this skill after a user request.
The skill can cause a backend to queue, schedule, or publish social media content. That is purpose-aligned and disclosed, but public posting is a high-impact action.
Use this skill whenever the user asks to **generate**, **queue**, **schedule**, or **publish** content to Threads.
Confirm the final post text, images, account/tenant, schedule time, and publish mode before using it for real publishing.
Anyone with the queue secret and backend URL may be able to submit publish requests, depending on the backend’s protections.
The skill uses a secret to authorize backend publish requests. This is expected for the integration and the document says not to log it, but it is still delegated posting authority.
`THREADS_QUEUE_SECRET` (the value to send as `X-Queue-Secret`, only for `/threads/publish`)
Store the secret in secure environment configuration, prefer HTTPS backend URLs, rotate the secret if exposed, and keep backend authorization scoped.
Chat IDs, usernames, prompts, and content may be sent to the backend and stored or processed there.
The example payload forwards chat/user identifiers and post context to the configured FastAPI backend. This is plausible for routing and audit metadata, but it is user-related data crossing a service boundary.
"meta": { "tenant_id": "agency_paris", "source": "telegram", "chat_id": "<tg chat id>", "user_id": "<tg user id>", "username": "<tg username>" }
Send only metadata the backend truly needs, document retention on the backend, and avoid including sensitive personal data in prompts or post metadata.
If a user obtains similarly named scripts from elsewhere, those scripts are outside this review.
The README refers to helper scripts, but the supplied manifest contains only README.md and SKILL.md. There is no evidence those scripts are installed or executed, but they are not reviewed artifacts here.
Helper scripts
- `publish.ps1`: generic HTTP POST helper
- `threads_publish_and_poll.ps1`: convenience script
Use only the included instruction-only skill unless the helper scripts are supplied from a trusted, reviewed source.
