Security audit
Twitter Post AIsa
Security checks across malware telemetry and agentic risk
Overview
This appears to be a Twitter/X posting and engagement skill that uses one AIsa API key and the documented AIsa API endpoint, with no unrelated credential requests or install steps visible.
This skill is coherent with its stated purpose, but installing it means trusting AIsa with Twitter/X relay actions and any media files you explicitly ask it to post. Confirm that your OpenClaw installer actually prompts for AISA_API_KEY, because the registry summary and bundled manifests disagree about declared requirements. For higher assurance, review the complete untruncated Python files before using it for accounts with significant posting privileges.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
