Twitter Autopilot

Review

Audited by ClawScan on May 10, 2026.

Overview

This skill appears to do what it says, but it gives an agent direct Twitter/X posting and account-management power, including optional cron-style automation, so it needs careful review before use.

Use this only for an account where automated Twitter/X activity is acceptable. Start in draft mode, require human review before public posts or follows, avoid unattended cron until you trust the workflow, protect and rotate API credentials, and pin dependencies in a controlled Python environment.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If an agent or cron job invokes these commands, it can publish or modify real Twitter/X account activity without a separate built-in approval step.

Why it was flagged

The script exposes direct Twitter/X mutation commands, including public posting, retweeting, deleting, following, unfollowing, and queue posting. These action commands are not technically gated by the MODE/DRAFT workflow before acting.

Skill content
    "post": lambda args: post(" ".join(args)),
    ...
    "retweet": lambda args: retweet(args[0]),
    "delete": lambda args: delete(args[0]),
    "follow": lambda args: follow(args[0]),
    "unfollow": lambda args: unfollow(args[0]),
    "queue": lambda args: post_from_queue(...)
Recommendation

Use a dedicated account, keep the workflow in draft mode by default, require explicit human approval for posts and follows, and consider adding enforced mode checks inside every mutating command.

What this means

Anyone or any agent process with these tokens can post and perform account actions permitted by the Twitter/X app.

Why it was flagged

The skill requires Twitter/X credentials with read/write authority over an account. This is expected for the stated purpose, but it is powerful delegated access.

Skill content
Set app permissions to **Read and Write** ... Generate: API Key, API Secret, Access Token, Access Token Secret
Recommendation

Use least-privileged credentials for a dedicated account, store tokens securely as environment variables, rotate them if exposed, and revoke the app if the skill is no longer used.

What this means

Installing whichever Tweepy version is current at install time means the skill's behavior can change between installs, and an unreviewed new release could introduce supply-chain risk.

Why it was flagged

The dependency installation is user-directed and purpose-aligned, but it is unpinned and there is no lockfile or install spec in the provided artifacts.

Skill content
pip install tweepy
Recommendation

Install in a virtual environment and pin a reviewed Tweepy version if this will be used for an important account.

What this means

Unexpected or tampered queue entries could be posted publicly if a scheduled run processes them.

Why it was flagged

The queue file is persistent local state that becomes public Twitter/X content when processed. This is purpose-aligned, but queue contents must come from a trusted source and be reviewed before a scheduled run picks them up.

Skill content
    if line.strip().startswith("- [ ]"):
        text = line.strip()[5:].strip()
        ...
        tid = post(text)
Recommendation

Keep queue and draft files in a trusted workspace, review pending entries before auto mode, and avoid shared writable locations for these files.
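The two findings above (mutation commands that are not gated by MODE/DRAFT, and a queue file that turns into public posts) share one fix: re-read MODE.md inside every mutating command and run queue processing through the same gate. The following is an added illustration, not the skill's own code. It assumes a MODE.md whose first non-blank line is DRAFT or AUTO, a queue file using the page's "- [ ]" entry format, and a constructed FakeClient standing in for tweepy.Client so the example runs offline; the "- [x]" and "- [!]" markers written back to the queue are this example's own convention.

```python
# Added example (not the skill's own code): MODE.md enforced inside every
# mutating command, and a queue processor that goes through the same gate.
from __future__ import annotations

import functools
import re
from dataclasses import dataclass, field
from pathlib import Path

DRAFT, AUTO = "DRAFT", "AUTO"
MAX_LEN = 280                                   # longer queue entries are treated as malformed
QUEUE_PENDING = re.compile(r"^\s*- \[ \] (.*)$")  # the page's "- [ ] text" queue format


def read_mode(mode_file: Path) -> str:
    """Fail closed: only a file whose first non-blank line is exactly AUTO unlocks posting."""
    if not mode_file.is_file():
        return DRAFT
    for line in mode_file.read_text(encoding="utf-8").splitlines():
        if line.strip():
            return AUTO if line.strip().upper() == AUTO else DRAFT
    return DRAFT


def mutating(func):
    """Wrap an account-changing command so it re-reads MODE.md on every call.

    In DRAFT mode the intended action is appended to self.drafts for human
    review and the API client is never touched; the command returns None.
    """
    @functools.wraps(func)
    def wrapper(self, *args, **kwargs):
        if read_mode(self.mode_file) != AUTO:
            self.drafts.append({"action": func.__name__, "args": args})
            return None
        return func(self, *args, **kwargs)
    return wrapper


class FakeClient:
    """Constructed stand-in for tweepy.Client (assumption): records calls instead of sending."""
    def __init__(self):
        self.calls: list[tuple] = []
        self._next_id = 1000

    def create_tweet(self, text):
        self._next_id += 1
        self.calls.append(("create_tweet", text))
        return {"data": {"id": str(self._next_id)}}

    def __getattr__(self, name):
        # retweet / delete_tweet / follow_user / unfollow_user are just recorded
        def record(arg):
            self.calls.append((name, arg))
        return record


@dataclass
class Autopilot:
    client: FakeClient
    mode_file: Path
    drafts: list = field(default_factory=list)

    @mutating
    def post(self, text: str) -> str:
        return self.client.create_tweet(text=text)["data"]["id"]

    @mutating
    def retweet(self, tweet_id: str) -> None:
        self.client.retweet(tweet_id)

    @mutating
    def delete(self, tweet_id: str) -> None:
        self.client.delete_tweet(tweet_id)

    @mutating
    def follow(self, user_id: str) -> None:
        self.client.follow_user(user_id)

    @mutating
    def unfollow(self, user_id: str) -> None:
        self.client.unfollow_user(user_id)

    def post_from_queue(self, queue_file: Path, limit: int = 1) -> list[str]:
        """Post up to `limit` pending entries, rewriting each as "- [x] text (id=...)".

        Empty, over-length or control-character entries are marked "- [!]" so a
        tampered line is surfaced instead of posted. In DRAFT mode nothing is
        sent and the entries stay pending; the gate records them as drafts.
        """
        lines = queue_file.read_text(encoding="utf-8").splitlines()
        posted: list[str] = []
        for i, line in enumerate(lines):
            if len(posted) >= limit:
                break
            m = QUEUE_PENDING.match(line)
            if not m:
                continue
            text = m.group(1).strip()
            if not text or len(text) > MAX_LEN or any(ord(c) < 32 for c in text):
                lines[i] = line.replace("- [ ]", "- [!]", 1)
                continue
            tid = self.post(text)           # goes through the same MODE.md gate
            if tid is None:                 # DRAFT: leave the entry pending
                break
            lines[i] = f"- [x] {text} (id={tid})"
            posted.append(tid)
        queue_file.write_text("\n".join(lines) + "\n", encoding="utf-8")
        return posted
```

Because the gate lives in the decorator rather than in the command table, a cron invocation of "queue" or "post" cannot bypass it, and flipping MODE.md back to DRAFT takes effect on the very next call without restarting anything.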

What this means

A cron job could continue posting or engaging on the account until disabled.

Why it was flagged

The skill supports user-configured autonomous operation. The artifacts do not install a hidden background process, but scheduled use can continue beyond the initial task.

Skill content
Can run autonomously via cron (check MODE.md to control)
Recommendation

Only add cron jobs intentionally, monitor the logs, set MODE.md to DRAFT when unattended posting is not desired, and remove scheduled jobs when finished.