baoyu-post-to-x

Warn

Audited by Socket on Feb 23, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Backtick command substitution detected

All findings:
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

The skill is functionally coherent for posting to X via browser automation, with clear grouping of post types and a preview/submit workflow. However, the explicit bypass of anti-automation measures using real Chrome/CDP and dependence on a persistent browser profile introduce significant policy and security concerns (potential credential exposure, risk of account compromise, and misuse for spamming). Recommend tightening controls around credential handling, avoiding anti-detection evasion where feasible, auditing clipboard usage, and ensuring separation of concerns between automation and user data. Consider offering official API-based posting as a safer alternative and provide explicit warnings about terms-of-service compliance.

LLM verification: The skill's documented functionality (automating postings by driving a real Chrome instance) is plausible and the described behaviors align with that purpose. However, multiple supply-chain and privilege escalation patterns are present: unpinned runtime download-and-execute, use of existing Chrome profiles (session token exposure), and loading of local override files (EXTEND.md). No explicit malicious code or attacker domains are visible in the provided SKILL.md, but the combination of these pat

Confidence: 75%
Severity: 75%
Audit Metadata
Analyzed At
Feb 23, 2026, 03:13 PM
Package URL
pkg:socket/skills-sh/questnova502%2Fclaude-skills-sync%2Fbaoyu-post-to-x%2F@ab7de167b07a8e1f8610aee4634c8f21df02817c