name: x-autonomy-v2
description: Official X API v2 read/write autonomy for OpenClaw agents (safe inbox-first engagement)
X Autonomy v2 (Safe Mode)
Use official X API v2 only (OAuth2 PKCE). No browser posting. No cookie/private GraphQL writes.
Core policy
Allowed (default)
1. Inbox autonomy (mentions + replies to our own tweets)
2. Discovery drafting (search, score, draft)
3. Optional auto-quote with strict caps
Disallowed
- Mass unsolicited auto-replies to strangers
- Keyword spam loops
- Duplicate/template replies
Guardrails
- Max 8 replies/hour
- Max 40 likes/day
- Max 20 retweets/day
- Jitter 20–120s between write actions
- One reply per user per thread unless they reply again
- Human approval required for political/legal/medical/financial/high-conflict content
Required env
- `X_CLIENT_ID`
- `X_REDIRECT_URI`
Optional:
- `X_SCOPES`
- `X_TOKEN_STORE_PATH`
- `X_ACTION_LOG_PATH`
Required scopes
- `tweet.read`
- `tweet.write`
- `users.read`
- `like.write`
- `offline.access`
Tool contract
Every write action must accept `idempotency_key` and `dry_run`.
Every write action must append to audit log (`x_actions.ndjson`).
Tools to implement
- `x_auth_status`
- `x_auth_start`
- `x_auth_callback`
- `x_home_timeline`
- `x_mentions`
- `x_thread`
- `x_search_recent`
- `x_post`
- `x_reply`
- `x_quote`
- `x_thread_post`
- `x_like`
- `x_unlike`
- `x_retweet`
- `x_unretweet`
Agent operating modes
Mode A: Inbox (default)
1. Poll mentions/replies since last_seen_id
2. Load thread context
3. Classify + draft
4. Auto-execute only if safe and confidence >= 0.75
5. Persist state + logs
Mode B: Discovery (controlled)
1. Search query packs
2. Relevance/risk scoring
3. Draft replies + quotes
4. Auto-quote optional
5. Replies to strangers require approval
Done criteria
- Auth works for test account
- Post/reply/quote/like/retweet working
- Idempotency prevents dupes
- 30-min inbox loop runs without spammy behavior