Implement GitOps workflows with ArgoCD and Flux for automated, declarative Kubernetes...
social-bridge
0
0
# Install this skill:
npx skills add grahama1970/agent-skills --skill "social-bridge"
Install specific skill from multi-skill repository
# Description
>
# SKILL.md
name: social-bridge
description: >
Aggregate security content from Telegram public channels and X/Twitter accounts,
forward to Discord webhooks, and persist to graph-memory. Uses Telethon (MTProto)
for Telegram, surf browser automation for X, and Discord webhooks for delivery.
allowed-tools:
- Bash
- Read
- Write
triggers:
- telegram
- telegram channel
- security telegram
- x scrape
- twitter scrape
- social media aggregator
- security feeds
- aggregate feeds
- forward to discord
metadata:
short-description: Telegram/X aggregator with Discord + memory integration
Social Bridge - Security Content Aggregator
Aggregate security research content from multiple social platforms, forward to your Discord server, and persist to the knowledge graph for semantic search.
Data Sources
| Platform | Method | Auth Required | Can Read Public |
|---|---|---|---|
| Telegram | Telethon (MTProto) | API ID + phone | Yes |
| X/Twitter | surf browser automation | Logged-in browser | Yes |
| Discord | Webhooks | Webhook URL | N/A (output only) |
Architecture
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Social Bridge Aggregator + Memory Integration โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ โ
โ โโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโ โ
โ โ Telegram โ โ X/Twitter โ โ RSS/Web โ โ
โ โ (Telethon) โ โ (surf) โ โ (future) โ โ
โ โโโโโโโโฌโโโโโโโ โโโโโโโโฌโโโโโโโ โโโโโโโโฌโโโโโโโ โ
โ โ โ โ โ
โ โโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโโโโ โ
โ โ Aggregator โ โ
โ โ (dedupe, filter)โ โ
โ โโโโโโโโโโฌโโโโโโโโโ โ
โ โ โ
โ โโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโ โ
โ โผ โผ โผ โ
โ โโโโโโโโโโโโ โโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโ โ
โ โ Discord โ โ JSON โ โ graph-memory โ โ
โ โ Webhook โ โ Export โ โ (ArangoDB) โ โ
โ โโโโโโโโโโโโ โโโโโโโโโโโโ โโโโโโโโโฌโโโโโโโโโ โ
โ โ โ
โ โผ โ
โ โโโโโโโโโโโโโโโโ โ
โ โ Dogpile โ โ
โ โ (search/recall)โ โ
โ โโโโโโโโโโโโโโโโ โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Quick Start
# Setup (one-time)
./run.sh setup
# Add sources
./run.sh telegram add "@vaborivs" # Telegram channel
./run.sh x add "malaborwaretechblog" # X/Twitter account
# Add Discord webhook for forwarding
./run.sh webhook add "security" "https://discord.com/api/webhooks/..."
# Fetch latest content
./run.sh fetch --all
# Forward to Discord
./run.sh forward --webhook security --hours 24
Commands
setup - Initial Configuration
# Interactive setup wizard
./run.sh setup
# This will:
# 1. Check/configure Telegram API credentials
# 2. Check surf browser setup
# 3. Configure Discord webhook
telegram - Telegram Channel Management
# Add a public channel to monitor
./run.sh telegram add "@channel_name"
./run.sh telegram add "https://t.me/channel_name"
# List monitored channels
./run.sh telegram list
# Remove a channel
./run.sh telegram remove "@channel_name"
# Fetch messages from all channels
./run.sh telegram fetch --limit 50
# Fetch from specific channel
./run.sh telegram fetch "@channel_name" --limit 100
x - X/Twitter Account Management
# Add an account to monitor
./run.sh x add "username"
# List monitored accounts
./run.sh x list
# Remove an account
./run.sh x remove "username"
# Fetch tweets (uses surf browser automation)
./run.sh x fetch --limit 50
# Fetch from specific account
./run.sh x fetch "username" --limit 100
webhook - Discord Webhook Management
# Add a webhook
./run.sh webhook add "name" "https://discord.com/api/webhooks/..."
# List webhooks
./run.sh webhook list
# Remove a webhook
./run.sh webhook remove "name"
# Test a webhook
./run.sh webhook test "name"
fetch - Fetch Content
# Fetch from all sources
./run.sh fetch --all
# Fetch only Telegram
./run.sh fetch --telegram
# Fetch only X/Twitter
./run.sh fetch --x
# With time filter
./run.sh fetch --all --hours 24
# Output as JSON
./run.sh fetch --all --json
forward - Forward to Discord
# Forward recent content to Discord
./run.sh forward --webhook security --hours 24
# Forward with keyword filter
./run.sh forward --webhook security --filter "CVE,0day,exploit"
# Dry run (show what would be sent)
./run.sh forward --webhook security --dry-run
memory - Knowledge Graph Integration
# Check memory integration status
./run.sh memory status
# Ingest all content to memory (fetch + persist)
./run.sh memory ingest --hours 24
# Ingest only Telegram
./run.sh memory ingest --telegram --hours 24
# Search stored social intel
./run.sh memory search "CVE-2024"
# Search with JSON output
./run.sh memory search "malware analysis" --json --k 20
Auto-Fetch with Persistence:
# Fetch and persist in one command
./run.sh fetch --all --persist
# Telegram fetch with persistence
./run.sh telegram fetch --persist
aggregate - Scheduled Aggregation
# Run aggregation (fetch + forward)
./run.sh aggregate --webhook security
# Schedule hourly aggregation
./run.sh aggregate schedule --cron "0 * * * *" --webhook security
# View scheduled jobs
./run.sh aggregate status
Pre-configured Security Channels
Telegram Channels
| Channel | Focus |
|---|---|
| @vaborivs | Vulnerability research |
| @cikitech | Malware/threats |
| @TheHackersNews | Security news |
| @exploitin | Exploit announcements |
| @bugcrowd | Bug bounty |
| @CISAgov | CISA alerts |
X/Twitter Accounts
| Account | Focus |
|---|---|
| malwaretechblog | Malware analysis |
| kloswonsecurity | Security news |
| SwiftOnSecurity | Security humor + insights |
| 0xdea | Vulnerability research |
| thegrugq | OpSec, threat intel |
Telegram Setup (One-time)
- Get API credentials at https://my.telegram.org/apps
- Save to environment:
bash export TELEGRAM_API_ID="your_api_id" export TELEGRAM_API_HASH="your_api_hash" - First run will prompt for phone number + code
- Session file created at
~/.social-bridge/telegram.session
X/Twitter Setup (One-time)
- Ensure surf-cli is installed and working:
bash surf tab.list # Should show browser tabs - Log into X/Twitter in your browser
- social-bridge uses surf to scrape while logged in
Environment Variables
| Variable | Description | Required |
|---|---|---|
TELEGRAM_API_ID |
Telegram API ID | For Telegram |
TELEGRAM_API_HASH |
Telegram API hash | For Telegram |
DISCORD_WEBHOOK_URL |
Default Discord webhook | For forwarding |
Integration with Memory (graph-memory)
Social-bridge persists content to the social_intel scope in ArangoDB via the memory skill.
Auto-Tagging
Posts are automatically tagged with security keywords:
- cve - CVE identifiers (CVE-2024-XXXX)
- apt - APT groups (APT29, APT41)
- darpa - DARPA/IARPA/BAA mentions
- 0day - Zero-day references
- exploit - Exploit/RCE/LPE mentions
- malware - Malware/ransomware mentions
- ctf - CTF/HTB/TryHackMe
- mitre - MITRE ATT&CK references
- c2 - C2/Cobalt Strike
- ioc - IOC/indicator mentions
Memory Schema
Posts are stored as lessons with:
{
"problem": "[TELEGRAM] @vxunderground: New ransomware variant...",
"solution": {
"content": "Full post content...",
"url": "https://t.me/vxunderground/12345",
"author": "vx-underground",
"timestamp": "2026-01-28T12:00:00Z",
"platform": "telegram",
"source": "vxunderground",
"metadata": {"views": 5000, "forwards": 120}
},
"scope": "social_intel",
"tags": ["telegram", "source:vxunderground", "malware", "ransomware"]
}
Integration with Dogpile
Dogpile can query stored social intel via the memory skill:
# Dogpile searches memory automatically
dogpile search "CVE-2024-1234" --preset vulnerability_research
# Memory recall returns stored social intel
./run.sh memory search "ransomware variant"
Pipeline:
social-bridge fetch --persist โ memory (ArangoDB) โ dogpile recall
Data Storage
Content is cached locally for deduplication:
~/.social-bridge/
โโโ config.json # Sources and webhooks
โโโ telegram.session # Telegram session (DO NOT SHARE)
โโโ cache/
โ โโโ telegram/ # Cached Telegram messages
โ โโโ x/ # Cached X tweets
โโโ logs/
โโโ aggregate.log # Aggregation history
Rate Limits & Best Practices
| Platform | Recommendation |
|---|---|
| Telegram | Max 50 channels, 100 msgs/channel/hour |
| X/Twitter | Max 20 accounts, 50 tweets/account/hour |
| Discord | Max 30 messages/minute per webhook |
Example: Security Feed Aggregator
# One-time setup
./run.sh setup
./run.sh telegram add "@vaborivs" "@exploitin" "@CISAgov"
./run.sh x add "malwaretechblog" "SwiftOnSecurity"
./run.sh webhook add "security" "$DISCORD_WEBHOOK_URL"
# Schedule hourly aggregation
./run.sh aggregate schedule --cron "0 * * * *" --webhook security
# Manual fetch when needed
./run.sh fetch --all --hours 1
./run.sh forward --webhook security --filter "CVE,0day,critical"
# Related Skills
This skill should be used when the user asks to "optimize context", "reduce token costs",...
Posts content to WeChat Official Account (ๅพฎไฟกๅ ฌไผๅท) via Chrome CDP automation. Supports article...
Generates Xiaohongshu (Little Red Book) infographic series with 9 visual styles and 6 layouts....
# Supported AI Coding Agents
This skill is compatible with the SKILL.md standard and works with all major AI coding agents:
Amp
Antigravity
Claude Code
Clawdbot
Codex
Cursor
Droid
Gemini CLI
GitHub Copilot
Goose
Kilo Code
Kiro CLI
OpenCode
Roo Code
Trae
Windsurf
Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.