Total downloads: 278
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install x-brand-operator
Description
Automate X/Twitter brand account tasks including posting, keyword engagement, scheduling, and reporting using xurl API with browser fallback and Telegram ale...
Safe usage recommendations
This skill intends to autonomously post and engage on X and to send Telegram alerts, but it does not declare any credentials or config locations. Before installing: (1) confirm where and how the xurl app config and Telegram bot token/target are provided and stored (metadata should declare required env vars or config paths); (2) verify you are comfortable with the skill using your browser 'user' profile (it may access logged-in sessions/cookies); (3) note it will write drafts to ~/Workspace/<brand>/... and read memory/social-log.json — check those paths and what data they contain; (4) test in a throwaway account/environment first to ensure behavior matches expectations; (5) ask the publisher for a clear credential/permission model (which env vars are required, how tokens are stored, whether Telegram uses a platform-provided 'message' tool or your own bot). These inconsistencies are not proof of malicious intent, but they are material and should be resolved before trusting the skill with real account credentials or enabling scheduled runs.
Functional analysis
Type: OpenClaw Skill
Name: x-brand-operator
Version: 1.0.0
The skill bundle automates X/Twitter brand operations, including posting, keyword engagement, and reporting. It is classified as suspicious due to a high-risk vulnerability: the instructions in SKILL.md and references/cron-config.md direct the agent to use shell execution (exec) for the 'xurl' tool with arguments (tweets and replies) derived from AI-generated content. Because this content is based on untrusted external data (X search results), the skill is highly vulnerable to indirect prompt injection, which could lead to arbitrary command execution (RCE). No evidence of intentional malice, such as data exfiltration or backdoors, was found.
Capability assessment
Purpose & Capability
The skill claims to automate X/Twitter posting using 'xurl' and to send Telegram alerts. However, the registry metadata declares no required env vars or primary credential. The runtime instructions repeatedly call 'xurl --app <app>' and 'Send Telegram (channel: telegram, to: <telegram_id>)', which implies the need for an xurl app config and Telegram bot credentials or integration details. It also instructs using a browser profile 'user' (access to logged-in session). These capabilities are consistent with the stated purpose, but the lack of declared credentials/config makes the packaging incoherent: a legitimate implementation would normally require and declare the app id/token and Telegram bot token/target.
Instruction Scope
SKILL.md instructs the agent to: use xurl for search/post/reply/like/follow; fall back to an automated browser session (profile: user) to post; write Substack drafts to ~/Workspace/<brand>/substack/draft-YYYY-MM-DD.md; and read 'memory/social-log.json' for weekly reports. These are cross-cutting actions (network calls to X and Telegram, browser automation using the user's profile, and arbitrary file reads/writes) that go beyond a narrow, read-only helper. The instructions also reference placeholders (<app>, <telegram_id>, <brand>, <url>) without explaining where their secrets/config are stored. Reading 'memory/social-log.json' may touch unrelated agent memory/config.
Install Mechanism
This is an instruction-only skill with no install spec or code to download. That reduces supply-chain risk (nothing is written to disk by an install step).
Credentials
The skill requests no required env vars in metadata, yet runtime steps clearly require credentials/config: an xurl app configuration and Telegram integration (bot token or channel config), and possibly access to browser profile cookies/sessions. It also assumes write access to the user's home directory. The absence of declared secrets or config paths is disproportionate to the skill's operational needs and creates uncertainty about where credentials are expected or how they will be provided/used.
Persistence & Privilege
The skill is not 'always: true' and uses cron-style scheduled prompts in references/cron-config.md, so it is designed for recurring autonomous runs (the platform's normal mode). Autonomous scheduling + posting privileges increase blast radius (it can post on the account when scheduled), but that is expected for a social-posting automation skill. No indication the skill modifies other skills or system-wide settings.
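How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install x-brand-operator
- Once installation completes, call the Skill by name or trigger it with /x-brand-operator
- Provide the required inputs according to the Skill's parameter description to get structured output
Version history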
v1.0.0
Initial release: Full X/Twitter brand automation — scheduled posting, keyword engagement, Substack drafts, weekly reports, xurl + browser fallback
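Metadata
FAQ
What is X Brand Operator?
Automate X/Twitter brand account tasks including posting, keyword engagement, scheduling, and reporting using xurl API with browser fallback and Telegram ale... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 278 total downloads to date.
How do I install X Brand Operator?
Run the command "/install x-brand-operator" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is required.
Is X Brand Operator free?
Yes, X Brand Operator is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.
Which platforms does X Brand Operator support?
X Brand Operator is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed X Brand Operator?
It is developed and maintained by caoooqiii (@caoqi); the current version is v1.0.0.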