social-postcjo

Post and reply on Twitter and Farcaster with character limit checks, image support, threads, link shortening, and draft preview.

This skill looks like a reasonable social-post helper, but there are important inconsistencies you should resolve before using it: - The SKILL.md expects local scripts (scripts/post.sh, scripts/reply.sh, scripts/check-balance.sh) and other skills (farcaster-agent) but the package contains no code — ask the author where those scripts come from and inspect them before running. - The metadata claims no required env or config paths, but the instructions tell you to store secrets in ~/.openclaw/.env and ~/.openclaw/farcaster-credentials.json (and even reference /home/phan_harry). That mismatch is suspicious — confirm the canonical config locations and update metadata. - The skill asks you to place private keys (custodyPrivateKey, signerPrivateKey, Twitter tokens) in plaintext files. If you proceed, restrict file permissions (chmod 600), keep backups secure, and prefer OAuth or delegated auth flows where possible. Do not paste private keys into unknown web forms or pastebins. - Do not run any scripts downloaded from untrusted sources. If the scripts are provided elsewhere, review their contents for network calls, uploads, or exfiltration before executing. - Consider testing with a throwaway account and using dry-run modes first (the SKILL.md mentions --dry-run). Ask the publisher for: the missing scripts, a clear list of required env vars/config paths, and why absolute user paths appear in the docs. If the author cannot produce the referenced scripts or explain the metadata mismatch, treat the skill as untrusted and avoid providing your real credentials.

Type: OpenClaw Skill Name: mupeng-social-postcjo Version: 1.0.0 The skill bundle is classified as suspicious due to its requirement for storing highly sensitive credentials, including Farcaster custody and signer private keys, and Twitter API secrets, in plain text files (`~/.openclaw/.env` and `~/.openclaw/farcaster-credentials.json`). While the `SKILL.md` documentation explicitly warns users about the security risks of plain-text storage and advises securing the system and file permissions, this method itself constitutes a significant vulnerability. The actual execution logic resides in external shell scripts (`scripts/post.sh`, `scripts/reply.sh`, etc.) which are not provided, preventing a full assessment of potential shell injection or other runtime risks. No direct evidence of malicious intent, such as data exfiltration to unauthorized endpoints or prompt injection against the agent, was found in the provided `SKILL.md`.