← Back to Skills Marketplace
tschonleber

Safe Facebook Messenger

by TSchonleber · GitHub ↗ · v1.0.2 · MIT-0
cross-platform ⚠ suspicious
124
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install safe-facebook-messenger
Description
Operate Facebook Messenger safely through a live signed-in Chrome session with remote debugging enabled using Chrome DevTools MCP. Use when sending direct me...
Usage Guidance
This skill is coherent for its stated purpose but requires high‑sensitivity access: it controls a live, signed‑in Chrome session via DevTools (remote debugging). Before installing or enabling it: - Only use with an intentionally chosen browser/profile that is signed in to the correct Messenger account (not your primary personal/work profile). - Ensure the DevTools remote debugging port is bound to localhost or a trusted network and not exposed to the internet. - Prefer manual/operator-supervised invocation; do not grant blanket autonomous sends. - Confirm your runtime (the agent host) does not log, upload, or otherwise persist message contents or UI snapshots — ask the integrator for a logging/telemetry policy. - If you need stronger assurance, request the full runtime wiring or code that will drive DevTools MCP and inspect it (or run in a sandboxed test profile first). If you are uncomfortable giving any tool access to a signed‑in browser profile, do not install/enable this skill.
Capability Analysis
Type: OpenClaw Skill Name: safe-facebook-messenger Version: 1.0.2 The skill 'safe-facebook-messenger' provides detailed instructions for an AI agent to operate Facebook Messenger via Chrome DevTools MCP. While the SKILL.md file contains extensive safety protocols, verification steps, and risk-screening logic designed to prevent common automation errors, the skill facilitates high-risk capabilities including automated messaging and the ability to 'unsend' or delete messages within a live, signed-in browser session. Under the provided criteria, these risky capabilities are classified as suspicious despite the lack of clear malicious intent.
Capability Assessment
Purpose & Capability
The name/description (operate Messenger via a live signed‑in Chrome session using Chrome DevTools MCP) match the instructions. The skill does not request unrelated credentials or binaries and limits its scope to Messenger/browser UI verification — this is coherent.
Instruction Scope
SKILL.md instructs the agent to inspect and interact with Messenger UI state in a signed‑in browser (headers, composer, thread snippets, search results, etc.) and to verify before typing/sending. That behavior is expected for this purpose, but it necessarily grants access to conversation content and UI state. The doc emphasizes safety and not auto‑committing sensitive messages, which is good; however it relies on the surrounding runtime/operator to avoid logging, storing, or forwarding sensitive content — those runtime behaviors are not specified here and should be validated before use.
Install Mechanism
Instruction-only skill with no install steps or external downloads. This is the lowest install risk and matches the described operation (it assumes an existing local browser/DevTools connection).
Credentials
The skill requests no environment variables or credentials, which is appropriate. However, it depends on having a signed‑in Chrome profile and an active Chrome DevTools MCP connection (i.e., a remote debugging port). Those implicit requirements are reasonable but high‑sensitivity: an exposed DevTools port or an unintended signed‑in profile could permit message access or remote control. The SKILL.md does not declare runtime logging/telemetry policies — verify that the host will not exfiltrate or persist message content.
Persistence & Privilege
always:false (normal). The skill can be invoked autonomously (platform default). Because the skill can send messages via a live signed‑in browser, prefer operator‑supervised/manual invocation as the SKILL.md recommends. Autonomous invocation combined with inadvertent access to a sensitive profile or an exposed remote debugging port could cause undesired sends; this is an operational risk rather than an internal incoherence.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install safe-facebook-messenger
  3. After installation, invoke the skill by name or use /safe-facebook-messenger
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Updated description to clarify that Chrome must have remote debugging enabled for use with Chrome DevTools MCP. - No other functional or documentation changes were made.
v1.0.1
**safe-facebook-messenger v1.0.1 – Description and scope clarifications, no code changes** - Revised and condensed SKILL.md for clarity, removing duplicated and outdated language. - Clarified operational scope: Messenger use, environment, and risk-based safeguards. - Streamlined safety, verification, and failure-handling rules for easier understanding. - Improved description of thread targeting, social-risk screening, and group chat handling. - No code or functional changes; documentation only.
v1.0.0
Initial release of safe-facebook-messenger for highly reliable, socially cautious messaging in live Chrome Messenger sessions. - Ensures messages are sent only after strict verification of recipient and conversation context before and after send. - Supports safety checks including thread identity, recent history, and visible participants, especially in challenging or ambiguous chat scenarios. - Introduces a two-layer approach: mechanical safety (correct thread/composer targeting) and social safety (appropriate message content and risk level). - Details failure modes, validation tests, and strict workflow protocols to prevent wrong-thread messaging and social/risk mistakes. - Enforces rules to handle group chat ambiguity, user interference, and social-risk escalation (auto-draft for high-stakes messages). - Emphasizes matching human tone, avoiding AI/assistant disclosure unless necessary, and prohibits operational chatter in outbound messages.
Metadata
Slug safe-facebook-messenger
Version 1.0.2
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 3
Frequently Asked Questions

What is Safe Facebook Messenger?

Operate Facebook Messenger safely through a live signed-in Chrome session with remote debugging enabled using Chrome DevTools MCP. Use when sending direct me... It is an AI Agent Skill for Claude Code / OpenClaw, with 124 downloads so far.

How do I install Safe Facebook Messenger?

Run "/install safe-facebook-messenger" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Safe Facebook Messenger free?

Yes, Safe Facebook Messenger is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Safe Facebook Messenger support?

Safe Facebook Messenger is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Safe Facebook Messenger?

It is built and maintained by TSchonleber (@tschonleber); the current version is v1.0.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments