ClawHub

Tweet Crafter

v0.1.0

Drafts engaging tweets in copy-paste friendly code blocks and generates companion blog posts for various OpenClaw projects and announcements. Integrates with...

0· 186·0 current·0 all-time
by@austindixson
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (draft tweets and blog posts) align with the included script and SKILL.md. The script explicitly attempts to use a local Agent Swarm router (../../agent-swarm/scripts/router.py) and falls back to mocked generation — this matches the skill's stated dependency on Agent Swarm.
Instruction Scope
SKILL.md limits activity to drafting tweets/blog posts and integration with Agent Swarm. The script reads only its local config.json and checks for a local agent-swarm script; it does not access unrelated system paths or external endpoints. Note: the skill claims to 'enforce ClawHub link best practices' but in practice it only includes any provided ClawHub link in the prompt (no validation or enforcement is performed).
Install Mechanism
No install spec or downloads — instruction-only plus a local script file. Nothing is fetched from remote URLs or written by an installer, so install risk is low.
Credentials
No environment variables, credentials, or config paths are requested beyond reading its own config.json and checking for a relative agent-swarm script. The requested access is proportional to its stated functionality.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. It does not request permanent presence or elevated privileges.
Assessment
This skill appears coherent and low-risk for its intended use. Before installing: (1) confirm you have (or want) a local Agent Swarm implementation at workspace/agent-swarm/scripts/router.py — the script will try to call that (or else it returns mocked content); (2) review the local agent-swarm/router.py if present and ensure you trust it, since the skill builds commands to spawn it (the current version simulates calls but future edits could invoke it); (3) note that the claimed 'ClawHub link enforcement' is only implemented by including any provided link in prompts, not by validation — don’t pass secrets or private tokens as the prompt arguments; (4) because the skill source is unknown, prefer installing from a trusted repo or reviewing the files in this package (scripts/tweet_crafter.py and config.json) before enabling autonomous invocation. Overall, nothing in the package asks for unrelated credentials or performs unexpected IO.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e42cyrb1w5qs5e75zmpdx9x82hkzv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments