ClawHub

Tweet Cli

ReviewAudited by ClawScan on May 10, 2026.

Overview

This is a coherent X/Twitter posting helper, but it uses account posting credentials and can publish or delete tweets, so it should be used only with deliberate approval.

Before installing, review the linked tweet-cli source, protect the X/Twitter credential file, and only let the agent post, reply, quote, or delete after you have clearly approved the exact action.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Medium
#ASI02: Tool Misuse and Exploitation
What this means

If invoked incorrectly, the agent could publish or remove content from the user's X/Twitter account.

Why it was flagged

The CLI can mutate a public X/Twitter account by posting, replying, quoting, and deleting tweets. This matches the skill's purpose, but those actions have public account impact.

Skill content
tweet-cli post "Your tweet text here" ... tweet-cli reply <tweet-id-or-url> ... tweet-cli quote <tweet-id-or-url> ... tweet-cli delete <tweet-id-or-url>
Recommendation

Use only on intended accounts, review the exact tweet/reply/quote text first, and require explicit user confirmation for deletion as well as posting.

Medium
#ASI03: Identity and Privilege Abuse
What this means

Anyone or any process with access to these tokens may be able to post or delete content on the connected X/Twitter account, depending on token permissions.

Why it was flagged

The skill requires X/Twitter API credentials and user access tokens. This is expected for posting through the official API, but the tokens grant account authority.

Skill content
X_API_KEY=your_consumer_key
X_API_SECRET=your_secret_key
X_ACCESS_TOKEN=your_access_token
X_ACCESS_TOKEN_SECRET=your_access_token_secret
Recommendation

Use least-privileged API tokens where possible, protect the .env file, avoid sharing the environment, and rotate tokens if the system is compromised.

Low
#ASI04: Agentic Supply Chain Vulnerabilities
What this means

Installing the package gives external code access to run locally as the user and to use the configured X/Twitter credentials when invoked.

Why it was flagged

The skill installs an external global npm CLI from GitHub. The install is pinned to a tag and disclosed, but the package code is not included in the provided artifacts.

Skill content
npm install -g github:0xmythril/tweet-cli#v1.0.0
Recommendation

Audit the GitHub source and package contents before installing, and install only from the intended pinned release.