ClawAudit verdict
openclaw-social-scheduler
Receives external input AND executes processes
A social media posting scheduler that uses OAuth tokens/API keys provided by the user to post to named platforms (Twitter, Mastodon, Bluesky, etc.); all credential use is transparent and scoped to the stated posting purpose.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
What it does
These are capability combinations: each listed behavior occurs in the skill, but ClawAudit detects co-occurrence — it does not verify that one flows into another. Read the code to confirm a live chain.
Receives external input AND executes processes — the shape of a command & control channel
LLM05 · LLM06 · ASI10
Installs packages AND executes processes — opaque dependency chain with execution
LLM03 · ASI04
Permission integrity
credential_access
package_install
Findings (6)
Uses exec() — may execute shell commands
SKILL.md · code · exec(
Possible hardcoded credential
scripts/platforms/bluesky.js · prose · downgraded · password: 'App password from Settings → Advanced → App passwords
Accesses process.env — reads environment variables
SKILL.md · code
References webhook/callback URL
SKILL.md · code · WEBHOOK_URL
Accesses sensitive environment variables
MOLTBOOK-USAGE.md · code · process.env.MOLTBOOK_API_KEY
Popular HTTP library — network access
package.json · prose · downgraded · node-fetch
Permissions & capabilities
No declared permissions — minimal attack surface.
package_installnetwork_incredential_accessprocess_exec Thanks — recorded.