OpenClaw skill for Facebook Messenger Platform workflows, including messaging, webhooks, and Page inbox operations using direct HTTPS requests.
Security Analysis
medium confidence
The skill's documentation matches a Messenger integration, but it requests sensitive credentials in its runtime instructions while the registry metadata declares no required environment variables or primary credential. That incoherence warrants caution.
The SKILL.md and reference files clearly describe Facebook Messenger Platform workflows (webhooks, Send API, token exchange), which is consistent with the skill name and description. However, the registry metadata lists no required environment variables or primary credential, while the SKILL.md explicitly lists Facebook App ID, App Secret, Page ID, Page access token, and webhook verify token as required inputs. This mismatch between declared requirements and documented inputs is unexpected: the secrets themselves are proportionate to the purpose, but undeclared secrets cannot be audited from the registry before install.
The instructions stay within the stated purpose: they describe Graph API endpoints, webhook verification and signature validation, and message patterns. They do not direct reading unrelated system files, calling external endpoints other than Facebook Graph API, or exfiltrating data. The SKILL.md explicitly warns not to log tokens and to validate signatures.
This is an instruction-only skill with no install spec and no code files, which minimizes install-time risk (nothing is downloaded or written to disk by the skill itself).
The skill requires multiple sensitive credentials (app secret, page token, etc.) in its documentation, yet the registry metadata declares none. Requiring multiple secrets would be proportionate for this purpose, but they should be explicitly declared (primary credential, required env vars) so users know what will be requested and how it is stored and used. The omission reduces transparency and could hide an unintentional or malicious collection point.
The skill does not request always:true and is user-invocable only; it does not declare any system-level config or modifications. Autonomous model invocation is allowed (platform default) but not combined with other major red flags here.
Guidance
This skill's README and reference docs look like a legitimate Messenger Platform integration, but the registry metadata omits the sensitive environment variables that the SKILL.md says are required (App ID/Secret, Page ID, Page token, webhook verify token). Before installing or using it:
1) Ask the publisher for provenance (homepage, source repo) and why required env vars aren't declared.
2) Confirm how and where you'll supply credentials (secret manager, environment variables, or interactive input) and whether the agent or skill will store them persistently.
3) Verify in your environment that webhook signature verification is implemented and that tokens are never logged or sent to third parties.
4) Prefer skills that explicitly declare required secrets and a primary credential so you can audit permission scope.
If you cannot get clear answers about where credentials are read/stored, treat the skill with caution or avoid installing it.
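The two checks this page keeps returning to (the webhook verify-token handshake and X-Hub-Signature-256 validation from the analysis above, and point 3 of the guidance, "tokens are never logged") are small enough to verify by hand. Below is an added example, written for this review and not code from the skill, its publisher, or Meta, of what a correct receiver looks like: secrets come from the environment, the handshake and the HMAC-SHA256 check use constant-time comparison, the body is rejected before it is parsed when the signature fails, and anything that reaches a log goes through a redaction helper. The header name, `hub.*` query parameters and `sha256=` prefix are the Messenger Platform's own conventions; the environment variable names, the demo secrets and the sample event payload are constructed assumptions.

```python
import hashlib
import hmac
import json
import os
from urllib.parse import parse_qs

# Assumed env var names; the demo defaults are constructed placeholders, not real credentials.
APP_SECRET = os.environ.get("FB_APP_SECRET", "demo-app-secret")
VERIFY_TOKEN = os.environ.get("FB_WEBHOOK_VERIFY_TOKEN", "demo-verify-token")


def redact(secret: str, keep: int = 4) -> str:
    """Log-safe rendering of a token: a short prefix, the rest masked."""
    if len(secret) <= keep:
        return "*" * len(secret)
    return secret[:keep] + "*" * (len(secret) - keep)


def handle_verification(query_string: str, verify_token: str = VERIFY_TOKEN):
    """GET handshake Meta performs when the webhook is registered.

    Echo hub.challenge only if hub.mode is 'subscribe' and hub.verify_token
    matches ours; the comparison is constant-time so the token can't be
    guessed byte by byte from response timing.
    """
    params = {k: v[0] for k, v in parse_qs(query_string).items()}
    if params.get("hub.mode") != "subscribe":
        return 403, "forbidden"
    presented = params.get("hub.verify_token", "").encode()
    if not hmac.compare_digest(presented, verify_token.encode()):
        return 403, "forbidden"
    return 200, params.get("hub.challenge", "")


def signature_is_valid(raw_body: bytes, signature_header: str, app_secret: str = APP_SECRET) -> bool:
    """Check X-Hub-Signature-256: 'sha256=' + hex(HMAC-SHA256(app_secret, raw body)).

    Must run over the exact bytes received, before any JSON decoding.
    """
    prefix = "sha256="
    if not signature_header or not signature_header.startswith(prefix):
        return False
    expected = hmac.new(app_secret.encode(), raw_body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(signature_header[len(prefix):].encode(), expected.encode())


def handle_event(raw_body: bytes, headers: dict, app_secret: str = APP_SECRET):
    """POST delivery: reject unsigned/tampered bodies, then extract text messages.

    Returns (status, [(sender_psid, text), ...]). Header lookup assumes the
    framework has already normalised header names to this exact spelling.
    """
    if not signature_is_valid(raw_body, headers.get("X-Hub-Signature-256", ""), app_secret):
        return 403, []  # never parse a body whose origin is unproven
    payload = json.loads(raw_body)
    if payload.get("object") != "page":
        return 404, []
    messages = []
    for entry in payload.get("entry", []):
        for event in entry.get("messaging", []):
            text = event.get("message", {}).get("text")
            if text is not None:
                messages.append((event["sender"]["id"], text))
    return 200, messages


def sign(raw_body: bytes, app_secret: str = APP_SECRET) -> str:
    """Build the header a genuine delivery would carry (used only to construct the demo below)."""
    return "sha256=" + hmac.new(app_secret.encode(), raw_body, hashlib.sha256).hexdigest()


# Constructed sample event in the Messenger webhook shape; IDs are fake.
SAMPLE_EVENT = json.dumps({
    "object": "page",
    "entry": [{
        "id": "123456789",
        "time": 1700000000000,
        "messaging": [{
            "sender": {"id": "987654321"},
            "recipient": {"id": "123456789"},
            "timestamp": 1700000000000,
            "message": {"mid": "m_demo", "text": "hello"},
        }],
    }],
}).encode()


def demo():
    """Genuine delivery is accepted; a body altered after signing is refused."""
    good = handle_event(SAMPLE_EVENT, {"X-Hub-Signature-256": sign(SAMPLE_EVENT)})
    tampered = SAMPLE_EVENT.replace(b"hello", b"hacked")
    bad = handle_event(tampered, {"X-Hub-Signature-256": sign(SAMPLE_EVENT)})
    print("accepted:", good, "| tampered:", bad, "| secret in logs:", redact(APP_SECRET))
    return good, bad


if __name__ == "__main__":
    demo()
```

When auditing the skill in your own deployment, the points to confirm against this shape are that the HMAC is computed over the raw request bytes (not a re-serialised JSON object), that the comparison is `hmac.compare_digest` rather than `==`, and that nothing logs `APP_SECRET` or a page token unredacted.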
Latest Release
v1.0.1
Expanded the Messenger skill with structured reference docs and enhanced, production-oriented guidance for Facebook Messenger Platform workflows.
- Added 7 new reference files covering API overview, messaging, webhooks, permissions, request templates, and conversation patterns.
- Updated documentation for clarity: emphasizes direct HTTPS requests, structured skill use, and operational/security best practices.
- Expanded quick orientation with specific references to new guides and workflow patterns.
- Refined required inputs and expected outputs for more robust integration planning.
- Clarified out-of-scope areas (e.g., advanced Ads/Marketing, browser OAuth).
Published by @codedao12 on ClawHub