hacksing

social-reader

Author: AIWareTop · GitHub · v1.0.0
cross-platform ⚠ suspicious
Total downloads: 447
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install social-reader
Description
Social media content scraping and automation skill. Supports real-time single post reading, as well as scheduled batch patrol, LLM distillation, and review n...
Security usage recommendations
This package appears to do what it says: fetch public social posts, optionally call an LLM to synthesize commentary, and present a local review UI. Before installing or running it:
- Treat pipeline mode as networked: it requires an LLM API key and will send scraped content to the configured LLM endpoint (default: OpenAI). Only use a trusted API key and be aware of any sensitive content you feed to the LLM.
- The notifier starts a local HTTP server and opens a browser. Verify the server binds only to localhost (127.0.0.1) if you do not want it reachable from the network. If the server binds to all interfaces, external actors could call /api/regenerate or /api/review if your machine/network is reachable.
- The skill writes local files (seen_ids.json, pending_tweets.json, drafts.json, archive.json) in the skill directory; run it in an environment/directory where this persistence is acceptable.
- Source and homepage are unknown — exercise caution. If you need higher assurance, ask the maintainer for the origin, check how notifier starts the HTTPServer (inspect whether it binds to 'localhost' vs ''), and consider running in an isolated container or VM and restricting outbound network access for the process.
- If you want lower risk for interactive usage, follow the SKILL.md guidance to call fetcher.get_tweet() only (stateless) rather than running the full pipeline.
Functional analysis
Type: OpenClaw Skill
Name: social-reader
Version: 1.0.0

The skill is classified as suspicious due to several risky capabilities, even though they are presented as part of its intended functionality. Specifically, `notifier.py` starts a local HTTP server on `127.0.0.1:18923` and automatically opens a browser window to this local URL, which are significant actions. Additionally, `notifier.py` uses `subprocess.Popen` to execute a PowerShell command for desktop notifications, a shell execution primitive, though the command itself is fixed and benign in this context. Furthermore, `processor.py` feeds untrusted external content (tweet text) into an LLM prompt, introducing a prompt injection vulnerability against the LLM, even if the LLM's output is subject to human review.
Capability assessment
Purpose & Capability
Name/description (social scraping, pipeline, LLM distillation) matches the included Python modules (fetcher, watcher, processor, notifier, run_pipeline). Network calls (fxtwitter, syndication CDN) and LLM calls are expected for this functionality. Declared dependency (requests) and environment variables (LLM_API_KEY, LLM_BASE_URL, LLM_MODEL) line up with the implementation.
Instruction Scope
SKILL.md keeps interactive usage scoped to fetcher.py (stateless) and warns about using the pipeline for interactive calls. Pipeline instructions cause reading/writing of local JSON files and will call an external LLM API. The notifier starts a local HTTP review server and opens a browser; that behavior is within the stated purpose but increases runtime surface (see persistence_privilege). The instructions do not ask to read unrelated system files or unrelated credentials.
Install Mechanism
No automated install spec is provided; SKILL.md only asks to pip install requests. No downloads from unknown hosts or archive extraction are present in the package.
Credentials
Only the LLM-related environment variables are required for pipeline mode. No other credentials or secrets are requested. The declared primary credential (LLM_API_KEY) is necessary and proportionate to calling an external LLM for distillation.
Persistence & Privilege
The skill writes/updates local JSON files (seen_ids.json, pending_tweets.json, drafts.json, archive.json) which is expected for a pipeline. always is false. The notifier launches a local HTTP server (port 18923) and opens a browser review page — this is expected but raises operational concerns: depending on how the server is bound, the review endpoint could be reachable beyond the local machine. The code sets Access-Control-Allow-Origin: * for responses (enables cross-origin browser access), which increases attack surface if the server is not restricted to localhost.
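How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the dialog: /install social-reader
  3. Once installation completes, invoke the Skill by name or trigger it with /social-reader
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history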
v1.0.0
Initial release of Social Reader: a social media content scraping and monitoring skill.
- Supports real-time single post reading with interactive fetcher.
- Enables batch patrol mode with deduplication, LLM distillation, and review notifications.
- Modular design: fetcher (interactive), watcher, processor (LLM-driven), and notifier nodes.
- Customizable via configuration files and environment variables.
- CLI commands provided for full pipeline or individual steps.
Metadata
Slug: social-reader
Version: 1.0.0
License:
Total installs: 0
Current installs: 0
Number of versions: 1
FAQ

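What is social-reader?

Social media content scraping and automation skill. Supports real-time single post reading, as well as scheduled batch patrol, LLM distillation, and review n... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 447 total downloads to date.

How do I install social-reader?

Run the command "/install social-reader" in the OpenClaw or Claude Code dialog to install it in one step; no additional configuration is required.

Is social-reader free?

Yes, social-reader is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does social-reader support?

social-reader runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed social-reader?

Developed and maintained by AIWareTop (@hacksing); the current version is v1.0.0.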
