Feature description
Autonomous social media engagement across Twitter, Farcaster, and Moltbook. Fetches trending content, generates persona-driven contextual replies, and tracks state to prevent duplicates. Use when you want to engage with trending posts, reply to social media content, build audience through authentic engagement, or automate social presence across multiple platforms. Triggers on "engage on twitter", "farcaster engagement", "reply to trending", "social engagement bot", "multi-platform engagement", "autonomous social replies". Features include content filtering, mention tracking, webhook notifications, user blacklist/whitelist, analytics tracking, and quote tweet/recast support.
Safe usage recommendations
Key things to consider before installing or running this skill:
- Metadata mismatch: The registry claims no required secrets, but the code needs Twitter OAuth tokens, Farcaster keys (custody + signer + fid + neynarApiKey), and a Moltbook API key. Treat this as a red flag and only proceed if you understand and accept supplying those secrets.
- Private keys & money: The skill asks for custody/signer private keys and even instructs an auto-setup that spends on-chain funds. Only use dedicated, low-value wallets with minimal funds for testing; do not supply your primary keys.
- Command/secret exposure: The script builds a shell command string (execSync) that embeds environment variables and the generated reply text. That can: (a) allow command injection if reply text is not fully escaped, and (b) expose secrets via command-line arguments or shell history/process listings/logs. Prefer a safer invocation (passing env via process.env or child_process.spawn with env object, avoid interpolating secrets into command strings).
- Audit external dependencies: The code execs 'skills/farcaster-agent/src/post-cast.js' — install and review that skill's code before using it. The SKILL.md recommends installing external services (neynar, aisa.one) — review their terms and trustworthiness.
- Platform-specific quirks: The execSync call uses 'powershell.exe' shell syntax; that will fail on non-Windows hosts and affects how arguments must be escaped. Test in a controlled environment.
- Hardening recommendations: update registry metadata to declare required env vars; don't pass private keys via command line; sanitize/escape reply text robustly; avoid execSync where possible (use child_process.spawn with env object); run the skill in an isolated VM/container; require explicit user confirmation before any on-chain payment or autonomous posting; and rotate keys after testing.
If you are not comfortable auditing code or managing secret leakage risk, do not provide real private keys and instead test with mocked/readonly credentials or dedicated throwaway accounts.
Feature analysis
Type: OpenClaw Skill
Name: multi-channel-engagement-agent
Version: 1.0.3
The skill is classified as suspicious due to a critical shell injection vulnerability in `scripts/engage.mjs`. The `child_process.execSync` function is used to execute a PowerShell command for Farcaster replies, incorporating `replyText` (which can be influenced by external trending post content) with insufficient sanitization. This flaw could allow an attacker to achieve Remote Code Execution (RCE) and potentially exfiltrate sensitive Farcaster private keys that are passed as environment variables to the vulnerable child process. Additionally, the `solveMathChallenge` function uses `Function(...)()` for dynamic code execution, albeit with strict input sanitization, which is another point of concern.