Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Safe Facebook Messenger
v1.0.2
Operate Facebook Messenger safely through a live signed-in Chrome session with remote debugging enabled using Chrome DevTools MCP. Use when sending direct me...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (operate Messenger via a live signed‑in Chrome session using Chrome DevTools MCP) match the instructions. The skill does not request unrelated credentials or binaries and limits its scope to Messenger/browser UI verification — this is coherent.
Instruction Scope
SKILL.md instructs the agent to inspect and interact with Messenger UI state in a signed‑in browser (headers, composer, thread snippets, search results, etc.) and to verify before typing/sending. That behavior is expected for this purpose, but it necessarily grants access to conversation content and UI state. The doc emphasizes safety and not auto‑committing sensitive messages, which is good; however it relies on the surrounding runtime/operator to avoid logging, storing, or forwarding sensitive content — those runtime behaviors are not specified here and should be validated before use.
Install Mechanism
Instruction-only skill with no install steps or external downloads. This is the lowest install risk and matches the described operation (it assumes an existing local browser/DevTools connection).
Credentials
The skill requests no environment variables or credentials, which is appropriate. However, it depends on having a signed‑in Chrome profile and an active Chrome DevTools MCP connection (i.e., a remote debugging port). Those implicit requirements are reasonable but high‑sensitivity: an exposed DevTools port or an unintended signed‑in profile could permit message access or remote control. The SKILL.md does not declare runtime logging/telemetry policies — verify that the host will not exfiltrate or persist message content.
Persistence & Privilege
always:false (normal). The skill can be invoked autonomously (platform default). Because the skill can send messages via a live signed‑in browser, prefer operator‑supervised/manual invocation as the SKILL.md recommends. Autonomous invocation combined with inadvertent access to a sensitive profile or an exposed remote debugging port could cause undesired sends; this is an operational risk rather than an internal incoherence.
Assessment
This skill is coherent for its stated purpose but requires high‑sensitivity access: it controls a live, signed‑in Chrome session via DevTools (remote debugging). Before installing or enabling it:
- Only use with an intentionally chosen browser/profile that is signed in to the correct Messenger account (not your primary personal/work profile).
- Ensure the DevTools remote debugging port is bound to localhost or a trusted network and not exposed to the internet.
- Prefer manual/operator-supervised invocation; do not grant blanket autonomous sends.
- Confirm your runtime (the agent host) does not log, upload, or otherwise persist message contents or UI snapshots — ask the integrator for a logging/telemetry policy.
- If you need stronger assurance, request the full runtime wiring or code that will drive DevTools MCP and inspect it (or run in a sandboxed test profile first).
If you are uncomfortable giving any tool access to a signed‑in browser profile, do not install/enable this skill.
Like a lobster shell, security has layers — review code before you run it.
