Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
qwe
v1.0.0 Facebook Publisher Skill (Automate Page Posts via Graph API)
by Phan Văn Năng (@yunneetoichoi)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)

Purpose & Capability
The SKILL.md and code implement Facebook Page posting and token exchange, which matches the declared purpose. However config.py's validate() lists unrelated required env vars (OPENAI_API_KEY and APIFY_API_TOKEN) in addition to Facebook vars. Those services (OpenAI, Apify) are not used anywhere else in the shipped scripts, so requiring them is disproportionate and incoherent with a pure FB publisher skill.
Instruction Scope
SKILL.md instructs interactive token flow and running provided scripts, which aligns with the code. But agents/fb_token_helper.py instructs users to select a specific App ID (4348763312075291) in Graph Explorer — this encourages using an app that may not be the user's and is a red flag. The helper prints long-lived tokens to the console and writes them to a local JSON file (fb_tokens_output.json), contradicting the SKILL.md's own 'Never log tokens' guidance and increasing leak risk.
Install Mechanism
No install spec; this is an instruction-and-code-only skill. Nothing is downloaded or installed automatically, which lowers supply-chain risk.
Credentials
SKILL.md declares FB_APP_ID, FB_APP_SECRET, FB_PAGE_ID, FB_PAGE_ACCESS_TOKEN which are appropriate. But config.py also reads many other env vars (OPENAI_API_KEY, APIFY_API_TOKEN, FB_CLIENT_TOKEN, FB_USER_ACCESS_TOKEN) and its validate() will raise if OPENAI_API_KEY and APIFY_API_TOKEN are not set — these appear unrelated to Facebook posting and are disproportionate. The skill asks users to paste tokens interactively and then prints/saves them, which is unnecessary exposure of secrets.
Persistence & Privilege
The skill does not request special platform privileges and declares always: false. However, fb_token_helper.py persists tokens to fb_tokens_output.json and suggests storing tokens in .env; both create local persistence that can be accidentally committed or read by other processes. The skill does not modify other skills or system-wide settings.
What to consider before installing
This skill largely does what it claims (posting to Facebook Pages), but there are several red flags you should address before running it:
1) config.validate() requires OPENAI_API_KEY and APIFY_API_TOKEN even though those services are unused; remove the requirement or understand why it is there.
2) The token helper explicitly tells you to pick a specific App ID in Graph Explorer (4348763312075291). Do not use someone else's app; generate tokens with your own app and app secret.
3) The helper prints long-lived tokens to the console and writes them to fb_tokens_output.json. Remove the printing and file writes, or ensure you run in an isolated environment and never commit saved token files.
4) If you plan to run these scripts, run them in an isolated VM/container, review and remove any hardcoded sample values, and avoid pasting production secrets until you confirm the code has been cleaned.
Given these issues, proceed only after code cleanup or further verification.
Latest version: vk97d3ffedf4d2a4njxv4nbf2ph836gj6
Runtime requirements
Environment variables
FB_APP_ID (required)
FB_APP_SECRET (required)
FB_PAGE_ID (required)
FB_PAGE_ACCESS_TOKEN (required)