ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

X CDP Automation

v1.0.0

Automate X (Twitter) via Chromium CDP: post tweets, reply, quote-retweet, publish articles. Uses real browser sessions with existing login, no API keys neede...

6· 519·2 current·2 all-time
byJason Chai@stwith
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, SKILL.md, and the shipped scripts all implement browser-driven posting, replying, quote-retweeting and article publishing via Chromium CDP. No unrelated env vars, cloud credentials, or hidden network endpoints are requested — the required artifacts (Chromium, puppeteer-core, profile dirs) are proportionate to the claimed purpose.
Instruction Scope
The instructions and scripts drive a real browser using an explicit user-data-dir profile and will use whatever logged-in X session is present. They read local files (images, body files), create profile directories under ~/chromium-profiles, save dry-run screenshots to /tmp, and may auto-run npm to install puppeteer-core. All of this is consistent with browser automation but implies access to session cookies and any data in that profile (so the tool can act as your account).
Install Mechanism
There is no formal install spec, but setup.js will auto-install puppeteer-core using npm into /tmp/node_modules (execSync running npm). npm installs from the public registry (moderate, traceable risk). This is expected for Node-based automation, but auto-installing at runtime into /tmp and modifying module.paths increases the attack surface if /tmp is untrusted or the registry/package were compromised.
Credentials
The skill asks for no environment variables or external credentials. It does rely on local Chromium profiles and existing logged-in sessions (which implicitly grant access to your X account). That behavior is proportional to the stated goal but is sensitive — the scripts can use cookie/session state to post as the user.
Persistence & Privilege
always: false and no system-wide modifications are requested. The skill will create profile directories (~ /chromium-profiles) and write to /tmp, and it launches Chromium with a user-data-dir. It does not change other skills or global agent config. These are reasonable for browser automation but are persistent on disk.
Assessment
What to consider before installing/using this skill: - Review the scripts locally before running. The tool will operate the browser using your profile, so it can act with whatever X session (cookies/tokens) is present. - Prefer creating and using an isolated Chromium profile (not your main profile) via the --profile and --port flags to avoid exposing other sessions or data. - Run with --dry-run first to verify behavior; dry-run saves a screenshot under /tmp so you can confirm the composed content won't be posted. - The setup auto-installs puppeteer-core into /tmp via npm. Consider installing puppeteer-core yourself (verify version) and setting NODE_PATH instead of letting the script auto-install. - Because the script spawns Chromium with a user-data-dir, any attacker or misused script could post as you — only run this on machines you control and avoid using your primary account if you want extra safety. - If you want stronger isolation, run this inside a disposable VM or container and/or inspect /tmp/node_modules after installation to ensure no unexpected packages were installed. - Limit agent autonomy: require explicit user confirmation before posting (the SKILL.md describes an approval step — keep that in place). Do not grant blanket autonomous invocation to the agent without oversight. - If unsure, test on a secondary or throwaway X account first.

Like a lobster shell, security has layers — review code before you run it.

automationvk97c1wqcx409fb73qqagk2cft181x1h5cdpvk97c1wqcx409fb73qqagk2cft181x1h5chromiumvk97c1wqcx409fb73qqagk2cft181x1h5latestvk97c1wqcx409fb73qqagk2cft181x1h5puppeteervk97c1wqcx409fb73qqagk2cft181x1h5twittervk97c1wqcx409fb73qqagk2cft181x1h5xvk97c1wqcx409fb73qqagk2cft181x1h5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments