x-recap

v2026.2.25

Monitor and recap official X (Twitter) updates using actionbook-rs screenshots. Use when the user asks to track/recap X posts (especially official accounts l...

⭐ 0· 448·1 current·1 all-time

by@jack4world

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description match the actual behavior: scripts call a local actionbook binary to open and screenshot specific X (Twitter) profile pages (AnthropicAI, claudeai). There are no unrelated requested credentials, binaries, or config paths.

✓

Instruction Scope

SKILL.md and runbook limit actions to: ensure login via actionbook, run the two fetch scripts, and recap screenshots. The scripts only open URLs and save screenshots with retries; they do not read other system files or send data to external endpoints.

✓

Install Mechanism

No install spec — instruction-only plus two small bash scripts. The scripts rely on a local actionbook binary (workspace/bin/actionbook). There are no downloads, package installs, or remote installers declared.

✓

Credentials

The skill declares no required env vars or credentials. It does require access to a local actionbook profile ("--profile x") which implies stored X session cookies in the actionbook profile; this is proportionate to the stated goal of capturing timeline screenshots.

✓

Persistence & Privilege

always:false and no modifications to other skills or system-wide settings. Scripts write only to workspace/output/x-claude* directories; no persistent elevated privileges or automatic always-on behavior are requested.

Assessment

This skill appears to do exactly what it says: use a local actionbook profile to take screenshots of two public X profiles and save them under workspace/output. Before installing, confirm: (1) the actionbook binary at workspace/bin/actionbook is trusted (it will hold/drive your X session cookies); (2) you are comfortable that screenshots saved locally may contain any visible content on those pages; (3) any downstream "recap" step (LLM or external service) will not inadvertently send screenshots or extracted text to external APIs unless you intend that; and (4) your cron jobs call only the provided scripts (per the runbook) to avoid duplicating fetch logic. If those are acceptable, the skill is proportionate to its purpose.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cnqapah2q7mccnft7g4qwh181tt23

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

x-recap

License

Comments