baoyu-post-to-x

Warn

Audited by Socket on May 21, 2026

1 alert found:

Anomaly (LOW)
scripts/x-utils.ts

This code is a high-capability local automation helper: it launches/controls Chrome via CDP, reads sensitive Twitter/X authentication cookies (auth_token/ct0) to check session persistence, and performs clipboard copy/paste by executing companion Bun scripts. While the fragment does not show network exfiltration or explicit malware behavior, it meaningfully increases privacy/security exposure through sensitive cookie access and clipboard manipulation, and it executes OS commands and external processes (npx/bun). Treat as a security-sensitive component requiring review of the companion clipboard scripts and audit of the caller’s trust boundaries for profileDir and clipboard inputs.

Confidence: 62%
Severity: 66%

Audit Metadata
Analyzed At: May 21, 2026, 07:46 AM
Package URL: pkg:socket/skills-sh/yelban%2Fbaoyu-skills.TW%2Fbaoyu-post-to-x%2F@8f684d91bd0b3089e2d907e654e9bd56d6bb3682