X CDP Automation
Author: Jason Chai · GitHub · v1.0.0
Total downloads: 585
Favorites: 6
Current installs: 2
Versions: 1
Install in OpenClaw
/install x-cdp
Description
Automate X (Twitter) via Chromium CDP: post tweets, reply, quote-retweet, publish articles. Uses real browser sessions with existing login, no API keys neede...
Safe-use recommendations
What to consider before installing/using this skill:
- Review the scripts locally before running. The tool will operate the browser using your profile, so it can act with whatever X session (cookies/tokens) is present.
- Prefer creating and using an isolated Chromium profile (not your main profile) via the --profile and --port flags to avoid exposing other sessions or data.
- Run with --dry-run first to verify behavior; dry-run saves a screenshot under /tmp so you can confirm the composed content won't be posted.
- The setup auto-installs puppeteer-core into /tmp via npm. Consider installing puppeteer-core yourself (verify version) and setting NODE_PATH instead of letting the script auto-install.
- Because the script spawns Chromium with a user-data-dir, any attacker or misused script could post as you — only run this on machines you control and avoid using your primary account if you want extra safety.
- If you want stronger isolation, run this inside a disposable VM or container and/or inspect /tmp/node_modules after installation to ensure no unexpected packages were installed.
- Limit agent autonomy: require explicit user confirmation before posting (the SKILL.md describes an approval step — keep that in place). Do not grant blanket autonomous invocation to the agent without oversight.
- If unsure, test on a secondary or throwaway X account first.
Functional analysis
Type: OpenClaw Skill
Name: x-cdp
Version: 1.0.0
The skill is classified as suspicious due to a critical vulnerability in `scripts/post-article.js`. The `--body-file` argument allows reading arbitrary local files using `fs.readFileSync`. While intended for article content, this could be exploited via prompt injection against the agent to read sensitive files (e.g., `/etc/passwd`, `~/.ssh/id_rsa`) and potentially publish their content to X, leading to unauthorized data disclosure. Other scripts use `execSync` and `spawn` (e.g., `scripts/setup.js` for `npm install puppeteer-core` and launching Chromium), which are powerful but appear to be used for legitimate setup purposes, not for malicious execution or exfiltration.
Capability assessment
Purpose & Capability
Name/description, SKILL.md, and the shipped scripts all implement browser-driven posting, replying, quote-retweeting and article publishing via Chromium CDP. No unrelated env vars, cloud credentials, or hidden network endpoints are requested — the required artifacts (Chromium, puppeteer-core, profile dirs) are proportionate to the claimed purpose.
Instruction Scope
The instructions and scripts drive a real browser using an explicit user-data-dir profile and will use whatever logged-in X session is present. They read local files (images, body files), create profile directories under ~/chromium-profiles, save dry-run screenshots to /tmp, and may auto-run npm to install puppeteer-core. All of this is consistent with browser automation but implies access to session cookies and any data in that profile (so the tool can act as your account).
Install Mechanism
There is no formal install spec, but setup.js will auto-install puppeteer-core using npm into /tmp/node_modules (execSync running npm). npm installs from the public registry (moderate, traceable risk). This is expected for Node-based automation, but auto-installing at runtime into /tmp and modifying module.paths increases the attack surface if /tmp is untrusted or the registry/package were compromised.
Credentials
The skill asks for no environment variables or external credentials. It does rely on local Chromium profiles and existing logged-in sessions (which implicitly grant access to your X account). That behavior is proportional to the stated goal but is sensitive — the scripts can use cookie/session state to post as the user.
Persistence & Privilege
always: false and no system-wide modifications are requested. The skill will create profile directories (~/chromium-profiles) and write to /tmp, and it launches Chromium with a user-data-dir. It does not change other skills or global agent config. These are reasonable for browser automation but are persistent on disk.
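How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install x-cdp
- Once installation completes, call the Skill by name or use /x-cdp to trigger it
- Provide the required inputs according to the Skill's parameter description to get structured output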
Version history
v1.0.0
x-cdp 1.0.0
- Initial release: Browser-based automation for X (Twitter) using Chromium CDP—no API keys needed.
- Supports posting tweets, replying, quote-retweeting, and publishing X Premium articles via real browser sessions.
- Setup wizard included for easy installation, Chromium/puppeteer-core setup, and login verification.
- Multi-account workflows supported using separate Chromium profiles and ports.
- All actions scriptable via CLI with optional dry-run mode for preview and integration with agent/automation flows.
- Includes safety notes on rate limits and account protection.
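FAQ
What is X CDP Automation?
Automate X (Twitter) via Chromium CDP: post tweets, reply, quote-retweet, publish articles. Uses real browser sessions with existing login, no API keys neede... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 585 cumulative downloads to date.
How do I install X CDP Automation?
Run the command "/install x-cdp" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.
Is X CDP Automation free?
Yes, X CDP Automation is completely free (free and open source) and can be freely downloaded, installed and used.
Which platforms does X CDP Automation support?
X CDP Automation is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed X CDP Automation?
It is developed and maintained by Jason Chai (@stwith); the current version is v1.0.0.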