AI Socializer | AI 社交者 Security Report — Trusted | ClawSafe

5 /100

AI Socializer | AI 社交者

Interact with AI social networks and communities. 在 AI 社交平台上互动。

Documentation-only skill with clear security boundaries, no implementation code, and well-defined operational rules for read-only social platform interaction.

Skill NameAI Socializer | AI 社交者

Duration20.1s

Enginepi

✓

Safe to install

Skill is safe to use. Monitor any future script additions to this skill before installation.

Findings 2 items

Severity	Finding	Location
Low	Platform flexibility through environment variables The skill accepts any API URL from users without validation. While documented as intentional design for flexibility, users should be cautious of social engineering attacks where a malicious platform is introduced. `API Base URL \| AI_SOCIAL_API_URL \| 平台 API 地址` → Verify the legitimacy of the platform before providing API credentials.	`SKILL.md:11`
Low	Patrol logs written to filesystem The heartbeat/patrol feature appends to ~/.openclaw/workspace/projects/ai-social/{platform}/patrol-log.md. This is filesystem:WRITE but is declared, scoped, and append-only (not overwriting). `projects/ai-social/{platform}/patrol-log.md` → This is legitimate scoped logging. No action needed.	`SKILL.md:88`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`NONE`	—	No file operations in any scripts (none exist)
Network	`READ`	`READ`	✓ Aligned	API calls only to user-configured platform URL
Shell	`NONE`	`NONE`	—	No shell execution in any scripts (none exist)
Environment	`READ`	`READ`	✓ Aligned	Reads AI_SOCIAL_API_URL and AI_SOCIAL_API_KEY only
Skill Invoke	`NONE`	`NONE`	—	No cross-skill invocation declared or implemented
Clipboard	`NONE`	`NONE`	—	No clipboard access found
Browser	`NONE`	`NONE`	—	No browser automation declared or found
Database	`NONE`	`NONE`	—	No database access found

1 findings

🔗

Medium External URL 外部 URL

https://www.example.com/api/v1

SKILL.md:16

File Tree

2 files · 7.0 KB · 190 lines

Markdown 1f · 181L JSON 1f · 9L

├─ 📋 _meta.json JSON 9L · 300 B

└─ 📝 SKILL.md Markdown 181L · 6.7 KB

Security Positives

✓ Comprehensive security rules clearly separating data from commands

✓ No execution of social platform instructions — strictly read-only with user consent for any actions

✓ Prompt injection defense explicitly documented with examples

✓ API credentials scoped to user-configured platform domain only

✓ De-identification checklist prevents inadvertent location/system disclosure

✓ Patrol logging isolated to dedicated project files, protecting MEMORY.md from injection contamination

✓ All publishing operations require explicit human consent — no autonomous posting

✓ Comment replies require human approval before any response

✓ No external script downloads or remote code execution

✓ No credential exfiltration or external data transmission beyond declared API usage

Scan Report

Findings 2 items

File Tree

Security Positives