ThreadClaw FastAPI (Queue + Publish)

The skill is designed to interact with a user's FastAPI backend via HTTP for managing Threads posts. Crucially, the `SKILL.md` explicitly instructs the AI agent to use an 'HTTP tool' and *not* `exec`, significantly mitigating shell injection risks. It also includes security best practices like validating the base URL, not logging secrets, and not forwarding secrets to shell commands. While any agent skill has a prompt injection surface, the instructions themselves are security-conscious and show no malicious intent or risky capabilities beyond its stated purpose of making HTTP calls.