Description

Post to X (Twitter), LinkedIn, Facebook, and TikTok via Claw Post API. Search for Facebook groups, join them, and post to them. Use when the user wants to pu...

README (SKILL.md)

Claw Post

Name: Social Posting for Openclaw
Author: daydreamnationtechlabs

Social posting infrastructure for AI agents. A paired browser extension publishes from the user's real browser session — no API keys to the social platforms needed.

Why Claw Post

Zero credential exposure for social platforms. No OAuth tokens or social-platform passwords are sent to the agent or to Claw Post for posting. You use one Claw Post API key for API calls only; social sessions stay in the paired Chrome browser.
Lower ban risk. Posts are published through the real browser UI with human-like timing — not via automation-flagged API endpoints or headless browsers.
Multi-platform, one API. X, LinkedIn, Facebook (feed and groups), and TikTok — all through a single POST /v1/jobs/tweet endpoint.
Facebook Groups automation. Search by keyword, filter by size and activity, join groups, and post — full discover-to-post workflows that traditional OAuth tools cannot do.
Simple setup. Sign up → install extension → pair with 6-digit code → provide one API key. No OAuth app registration, no token refresh logic, no per-platform credentials.
Low cost per post. Free tier included; paid plans scale affordably. See clawpost.net for pricing.

Capabilities

Capability	Endpoint	Platforms
Post to feed or group	`POST /v1/jobs/tweet`	X, LinkedIn, Facebook, TikTok
Upload media for posts	`POST /v1/media/upload`	X, LinkedIn, Facebook, TikTok
Search for groups	`POST /v1/groups/search`	Facebook
Join a group	`POST /v1/facebook/groups/join`	Facebook
Check group membership	`POST /v1/facebook/groups/status`	Facebook
Poll any job result	`GET /v1/jobs/:id`	All

All endpoints require the clawpost-api-key header.

Prerequisites (instruct the human)

Before any action works, the human must:

Sign up at clawpost.net
Install the Claw Post Chrome extension from the Chrome Web Store
Pair the extension in the Dashboard (6-digit code from the extension popup)
Set the CLAWPOST_API_KEY environment variable in the agent (copy the key from the Dashboard — it is not embedded in this skill file)
Log in to the target platform once in their browser (x.com, linkedin.com, facebook.com, or tiktok.com)

Extension scope. The Chrome extension is designed to activate on supported social sites and when communicating with the Claw Post API. Verify permissions on the Chrome Web Store listing and review the Terms of Service before installing.

If the agent gets EXTENSION_NOT_PAIRED or not_logged_in, direct the human to complete these steps.

Authentication

All requests use the clawpost-api-key header:

clawpost-api-key: YOUR_CLAWPOST_API_KEY

The value above is a placeholder. Set the real secret via the CLAWPOST_API_KEY environment variable (or your agent’s secret store); do not paste live keys into this file or commit them to version control.

API Base URL

https://api.clawpost.net

This is the stable, official Claw Post API endpoint. Full documentation: https://clawpost.net/api-docs

1. Posting

Create a post job, then poll for completion.

Create post

POST https://api.clawpost.net/v1/jobs/tweet
Content-Type: application/json
clawpost-api-key: YOUR_CLAWPOST_API_KEY

X (Twitter):

{ "text": "Hello world!", "platform": "x" }

LinkedIn:

{ "text": "Hello LinkedIn!", "platform": "linkedin" }

Facebook feed:

{ "text": "Hello Facebook!", "platform": "facebook" }

Facebook group (use groupUrl from search results, or a known groupId):

{
  "text": "Hello group!",
  "platform": "facebook",
  "platformPayload": { "groupUrl": "https://www.facebook.com/groups/123456789/" }
}

TikTok (video + caption):

{ "text": "Caption text", "platform": "tiktok", "mediaPaths": ["\x3Curl from upload>"] }

Optional fields:

platform – "x" (default), "linkedin", "facebook", or "tiktok"
mediaPaths – array of media URLs (upload first via media endpoint below)
idempotencyKey – unique string to prevent duplicate posts
platformPayload – Facebook group targeting: { "groupId": "..." } or { "groupUrl": "..." }

Poll job status

GET https://api.clawpost.net/v1/jobs/:id

Status progresses: queued → processing → succeeded | failed.

On success: response may include postUrl.
On failure: response includes error and errorCode.
Timing: posts execute through a real browser session. Allow 10–30 seconds before the job completes. Poll every 5–10 seconds.

2. Media upload

Upload media before posting. The returned URL goes into the mediaPaths array.

POST https://api.clawpost.net/v1/media/upload
clawpost-api-key: YOUR_CLAWPOST_API_KEY
Content-Type: multipart/form-data
Body: file=\x3Cmedia file>

Response:

{ "url": "https://storage.googleapis.com/..." }

Then include in a post:

{ "text": "Check this out!", "platform": "x", "mediaPaths": ["\x3Curl from upload>"] }

3. Facebook Group Search

Discover relevant groups to join and post in. Returns ranked results with names, member counts, activity hints, and join status.

Create search job

POST https://api.clawpost.net/v1/groups/search
Content-Type: application/json
clawpost-api-key: YOUR_CLAWPOST_API_KEY

{
  "platform": "facebook",
  "query": "ai automation",
  "filters": { "minMembers": 1000, "privacy": "any" },
  "limit": 20
}

platform: must be "facebook" (only supported platform for now).
query: search keywords (required).
filters.minMembers: minimum member count (optional).
filters.privacy: "public", "private", or "any" (optional).
limit: max results, up to 50 (optional, default 20).

Response:

{ "jobId": "\x3Cid>" }

Read search results

Poll GET https://api.clawpost.net/v1/jobs/:id until status is succeeded.

Results are in details.groupSearch.results[]. Each result:

Field	Type	Description
`name`	string	Group title (best-effort; may say "Group" if title not extractable)
`url`	string	Canonical group URL — use this for joining or posting
`platformId`	string?	Numeric Facebook group ID (when available)
`slug`	string?	URL slug (when available, e.g. `"aiautomationagency"`)
`privacy`	string?	`"public"`, `"private"`, or `"unknown"`
`memberCount`	number?	Approximate member count (when visible on search page)
`activityHint`	string?	Raw activity text, e.g. `"10 posts a day"`
`joinStatus`	string?	`"joined"`, `"requested"`, `"not_member"`, or `"unknown"`
`score`	number	0–1 relevance score (higher = better match)
`reasons`	string[]	Why this group scored well (e.g. `"keyword match"`, `"large member base"`, `"active"`, `"public"`)
`signals`	object?	Raw numeric signals: `keywordHit`, `memberCount`, `activityPerDay`

Reliability notes:

url is always present and reliable. Use it as the primary identifier.
name, memberCount, privacy, activityHint, and joinStatus are best-effort; they depend on what the search page exposes.
score and reasons are computed by the extension from available signals.

4. Facebook Group Join

Join a group so you can post to it. Use the url from search results (extract the group ID or pass the full URL).

Join a group

POST https://api.clawpost.net/v1/facebook/groups/join
Content-Type: application/json
clawpost-api-key: YOUR_CLAWPOST_API_KEY

{ "groupId": "123456789" }

Response: a job object. Poll GET /v1/jobs/:id for completion.

On success, check details.buttonState:

"joined" – user is now a member; you can post.
"requested" – group requires approval; wait and check status later.
"not_member" – join may not have worked; retry or inspect.

Check group membership status

POST https://api.clawpost.net/v1/facebook/groups/status
Content-Type: application/json
clawpost-api-key: YOUR_CLAWPOST_API_KEY

{ "groupId": "123456789" }

Same polling pattern. details.buttonState tells you the current membership state.

Recommended agent workflow: discover → join → post

Search for groups: POST /v1/groups/search with a relevant query.
Evaluate results: prefer groups with high score, memberCount >= 1000, privacy: "public", and activityHint showing regular posts.
Check membership: look at joinStatus in results:
- "joined" → skip to step 5.
- "not_member" or "unknown" → proceed to step 4.
Join: call POST /v1/facebook/groups/join with the group ID (extract from url or use platformId). Poll until details.buttonState is "joined" or "requested".
Post: call POST /v1/jobs/tweet with platform: "facebook" and platformPayload: { "groupUrl": "\x3Curl from search>" }.

Important: Some groups require admin approval before you can post. If details.buttonState is "requested", wait and re-check status later before attempting to post.

Security and privacy

Social platform logins stay in the browser. Posting uses the user’s existing session in Chrome. Claw Post does not ask you to send OAuth tokens or social passwords through this API for posting.
Extension scope. The published extension declares host access for supported social domains and the Claw Post API. Inspect the Web Store listing and manifest permissions before installing.
API key is tenant-scoped. Each CLAWPOST_API_KEY is tied to a single account and can be rotated from the Dashboard at any time.
HTTPS only. All communication between the agent, the API, and the extension uses TLS.
No executable code. This skill is instruction-only. It contains no scripts, no disk writes, no packages, and no persistence mechanisms.
Terms of Service: clawpost.net/terms

Error handling

Code / errorCode	Cause	Action
401	Invalid or missing API key	Check `clawpost-api-key` header
503 / `EXTENSION_NOT_PAIRED`	No paired extension	User must install and pair the extension at clawpost.net/dashboard
`not_logged_in`	User not logged in to the platform	User must log in to the platform in their browser
`no_x_tab` / `no_platform_tab`	No browser tab for the platform	Retry; extension will try to open one
`content_script_unavailable`	Extension could not reach the tab	Ask user to refresh the platform tab, then retry
`selector_not_found`	Platform UI changed or element not found	Retry after a short delay
`group_not_approved`	User not approved to post in this group	Join the group first or wait for approval; do not retry immediately
`challenge_required`	Platform security check (captcha/checkpoint)	Ask user to complete the challenge in their browser, then retry

On any failure, poll GET /v1/jobs/:id and read error and errorCode for details.

Reference

Full API docs: https://clawpost.net/api-docs

Usage Guidance

This skill is internally coherent, but it depends on a Chrome extension and a hosted API you cannot audit from this bundle. Before installing or enabling it: (1) Inspect the Chrome Web Store listing, reviews, and extension permissions; prefer extensions with source code or a published privacy/security audit. (2) Read clawpost.net/docs, privacy policy, and terms to learn how session data and posted content are handled and retained. (3) Store CLAWPOST_API_KEY in a secrets store (not in plaintext), rotate the key after testing, and grant the agent the minimum invocation privileges (or require explicit user confirmation) so it cannot autonomously post at scale. (4) Test with a low-risk account or small audience before using on production accounts. If you want higher assurance, request the extension source or third-party audit reports from the operator — absence of those increases residual risk and would lower confidence.

Capability Analysis

Type: OpenClaw Skill Name: clawpost Version: 1.1.8 The clawpost skill bundle provides instructions and metadata for an AI agent to automate social media posting and Facebook group management via the Claw Post API (api.clawpost.net). The skill follows a 'zero-credential' security model where the agent only manages a service-specific API key (CLAWPOST_API_KEY) while a browser extension handles platform-specific sessions. Analysis of SKILL.md, clawhub.json, and CHANGELOG.md reveals no evidence of malicious execution, data exfiltration, or prompt-injection attacks; the instructions are strictly aligned with the stated purpose of social media automation.

Capability Tags

requires-oauth-tokenposts-externally

Capability Assessment

✓ Purpose & Capability

The name/description match the runtime instructions: SKILL.md documents calls to api.clawpost.net endpoints for posting, media upload, group search/join, and job polling. Requesting a single CLAWPOST_API_KEY as the primary credential is proportional to a service-fronted posting tool. No unrelated credentials, binaries, or system paths are requested.

ℹ Instruction Scope

Instructions stay within the stated scope: they show HTTP requests to Claw Post endpoints and direct humans to sign up, install and pair a Chrome extension, and log into target social sites. The only out-of-band action is the required browser extension which will operate on the user's social-site sessions; SKILL.md claims 'no social-platform creds leave the browser' and tells users to verify extension permissions, but the skill bundle contains no code for the extension or the remote service so that claim cannot be validated from this package alone.

✓ Install Mechanism

This is instruction-only (no install spec or bundled code), so the skill itself writes nothing to disk. The only installation dependency is an external Chrome extension the human must install from the Web Store; that extension and the hosted API are outside the skill bundle and were not provided for review.

✓ Credentials

Only CLAWPOST_API_KEY is required and is declared as the primary credential in metadata and clawhub.json. That single API key is proportionate to the claimed service model (one-API-key tenant access). No other secrets or system config paths are requested.

ℹ Persistence & Privilege

always:false (default) and autonomous invocation is permitted (platform default). That combination is expected, but be aware: if the agent is allowed to run autonomously, it can create jobs that cause the paired browser extension to join groups and publish posts on behalf of the user. This is powerful operational capability and should be limited or audited according to your risk tolerance.

Version History

v1.1.8

Version 1.1.8 - Expanded authentication section to clarify that the Claw Post API key is not embedded in the skill file and should be set via environment variables only. - Improved security explanation: clarified that no social platform credentials or OAuth tokens are used or exposed, only a Claw Post API key. - Rewrote and expanded extension instructions, including more guidance on safe setup and extension permissions. - Added reminders not to paste keys into skill files or version control. - General text cleanup for clarity and less risk of credential mishandling.

v1.1.7

- Updated skill metadata to include `requires` with required environment variables. - Refined environment variable naming to use `CLAWPOST_API_KEY` (was previously escaped). - Minor formatting and typographic consistency improvements throughout documentation. - No changes to endpoints, features, or core functionality.

v1.1.6

clawpost 1.1.6 Changelog - Improved description and clarity in documentation for setup steps and platform security. - Enhanced language on credential privacy, browser session, and workflow simplicity in the Why Claw Post section. - Adjusted escape characters in sample code and group search result fields for consistency and accuracy. - No changes to source code or endpoints; changes limited to documentation and instructional text.

v1.1.5

- No changes in functionality; this version contains no file updates. - All existing features and documentation remain the same as the previous version.

v1.1.4

clawpost 1.1.4 - Added new configuration file: clawhub.json - No changes to functionality or API; this update is for platform or metadata configuration only.

v1.1.3

Clawpost v1.1.3 Changelog - Updated API base URL to https://api.clawpost.net (from a previous regional variant). - Added explicit environment variable configuration with a required `CLAWPOST_API_KEY`. - Improved and clarified prerequisites and authentication steps, highlighting security and privacy details of the browser extension. - Enhanced documentation structure with a new "Why Claw Post" section and clearer multi-platform, group, and media-posting instructions. - Minor fixes and updated external documentation and extension links.

v1.1.2

Clawpost — Secure social posting for AI agents via real browser extension. Post to X, LinkedIn, Facebook (feed + groups), TikTok (coming soon). Search & join Facebook groups. No platform API keys or credential sharing. Human-like behavior with retries. Built for OpenClaw marketing teams — autonomous posting, group discovery, low ban risk.

v1.0.0

Let your agents publish to X without official API keys, credential sharing, or fragile scripts. One API call. Real browser sessions. Reliable delivery.

Metadata

Slug clawpost

Version 1.1.8

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 8

Frequently Asked Questions

What is Social Posting for Openclaw?

Post to X (Twitter), LinkedIn, Facebook, and TikTok via Claw Post API. Search for Facebook groups, join them, and post to them. Use when the user wants to pu... It is an AI Agent Skill for Claude Code / OpenClaw, with 119 downloads so far.

How do I install Social Posting for Openclaw?

Run "/install clawpost" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Social Posting for Openclaw free?

Yes, Social Posting for Openclaw is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Social Posting for Openclaw support?

Social Posting for Openclaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Social Posting for Openclaw?

It is built and maintained by Daydream Nation Tech Labs LLC (@daydreamnationtechlabs); the current version is v1.1.8.

More Skills

Social Posting for Openclaw