Safe Facebook Messenger
by @tschonleber
Operate Facebook Messenger safely through a live signed-in Chrome session with remote debugging enabled using Chrome DevTools MCP. Use when sending direct me...
clawhub install safe-facebook-messengerπ About This Skill
name: safe-facebook-messenger description: Operate Facebook Messenger safely through a live signed-in Chrome session with remote debugging enabled using Chrome DevTools MCP. Use when sending direct messages in Messenger requires strict thread verification, composer ownership checks, search-based reacquisition, group-chat disambiguation, social-risk screening, and verified send/draft workflows.
Safe Facebook Messenger
Purpose
Use this skill to send or draft Facebook Messenger messages through a local, signed-in Chrome browser controlled via Chrome DevTools MCP.
This skill is for Messenger only.
Its purpose is to prevent the most common browser-driven messaging failures:
Required environment
Use this skill only when all of the following are true:
Recommended posture:
Privacy and access model
This skill relies on browser-side inspection of Messenger UI state needed to operate safely, including:
Because it operates through Facebook Messenger in a live browser session, conversation content necessarily passes through the browser and Facebook's own service as part of normal use. Any additional logging, storage, or forwarding performed by the surrounding runtime or operator should be disclosed separately.
Core operating principles
1. Verify the thread before acting. 2. Verify the composer before typing. 3. Re-verify after every meaningful UI change. 4. Stop on ambiguity instead of guessing. 5. Treat search as high-risk until handoff is confirmed. 6. Treat group chats as higher risk than 1:1 threads. 7. Screen message risk before sending. 8. Verify the result after send.
Safety rules
Never trust a single signal
Do not rely on only one of these:
Use multiple signals together.
Never trust stale refs
After any meaningful UI change, re-snapshot and re-resolve the relevant target.
Never continue after human interference
If the human clicks, changes focus, or otherwise interacts with the page mid-run, discard the old plan and re-verify from scratch before continuing.
Never auto-commit on behalf of the user
Do not auto-send commitments involving:
Never include irrelevant backstage chatter
Do not mention testing, browser mechanics, thread switching, or UI instability unless explicitly relevant to the conversation or requested by the user.
Social-risk screening
Before sending, classify the message.
Usually acceptable for direct send
Draft first or escalate instead of auto-send
If uncertain, draft first.
Tone and identity rules
Match the userβs style
Inspect recent thread history and match:
Avoid generic assistant tone the user would never use.
Identity disclosure
Mention Identity/Name only when:
Thread targeting workflow
1. Collect target evidence
Before acting, collect as many of these as practical:
2. Choose targeting mode
#### Existing verified thread Use when the thread is already known and clearly active.
#### Search reacquisition Use when:
#### Thread-list caution Thread-list clicks are weaker evidence than verified active-conversation state. Do not assume a visible row means the active composer belongs to that thread.
3. Verify the active conversation
Before clicking the composer, confirm:
If the active conversation is not clearly correct, stop.
Composer workflow
1. Click composer, then re-verify
After clicking the composer:
If the conversation changed, stop before typing.
2. Type, then re-verify
After typing:
If the draft appears in another thread, do not send.
3. Send, then verify result
After sending:
Sent, Seen, or obvious outbound placementDo not report success until the actual result is visible in the intended thread.
Search-based reacquisition
Use this when direct thread state is not trustworthy.
Preferred implementation
When possible, prefer:
This is generally more reliable than aging snapshot refs for Messenger search.
Search sequence
1. Take a fresh snapshot. 2. Focus Search Messenger. 3. Confirm Search Messenger is actually the focused field. 4. Confirm the current thread composer is not focused. 5. Type the exact target name into search. 6. Inspect results carefully. 7. Choose only a result supported by thread/history/relationship evidence. 8. Select the result. 9. If result selection fails, stop immediately and clear search state. 10. Wait for the active conversation header to change. 11. Confirm the conversation header now matches the intended target. 12. Confirm the composer placeholder now matches the intended target. 13. Confirm the search box is no longer the active field. 14. Confirm the previous thread no longer owns the visible draft box. 15. Dismiss or normalize any lingering search-results overlay. 16. Only then proceed to draft or send.
Search failure rules
Do not proceed if:
Group chat targeting
Treat Messenger group chats as higher-risk targets.
Do not trust the group title alone. Also verify at least one of:
For group chats:
Cleanup mode
Use cleanup mode after a mistaken draft or send.
Cleanup sequence
1. Open the accidental recipient thread directly. 2. Verify the mistaken recipient and exact content. 3. Unsend, delete, or clear draft only after exact content match. 4. If the failure came from search contamination, clear the contaminated draft before retrying search. 5. Verify removal state.
Stop conditions
Stop before typing or sending if any of these are true:
Examples
Example: verified known-thread send
Example: search-based reacquisition
Example: refusal on ambiguity
Minimal checklist
Before clicking composer:
After clicking composer:
After typing:
Before send:
After send: