Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Twitter Query

v1.0.0

Query X/Twitter via twitterapi.io read-only APIs by account (user timeline) or by keyword (advanced search). Outputs structured JSON; no LLM, no trend scorin...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The scripts implement exactly what the name and description promise: read-only queries to twitterapi.io (user timeline and advanced search) with JSON output. However, the registry metadata lists no required environment variables, while SKILL.md and the scripts clearly require TWITTER_API_KEY (and optionally TWITTER_API_BASE). Because of this metadata mismatch, install flows may neither prompt the user for the key nor disclose that it is needed.
Instruction Scope
SKILL.md instructs the agent/user to set TWITTER_API_KEY and run the two Python scripts; the scripts only perform HTTP GETs to the configured base URL and print JSON to stdout. They do not access other system files, other credentials, or external telemetry endpoints. One noteworthy instruction-level detail: TWITTER_API_BASE is overridable; if a user or agent sets it to a malicious URL, the skill will send the API key there, since the scripts do not restrict the allowed hosts.
Install Mechanism
There is no automated install spec — this is effectively an instruction-and-scripts package. The code uses only Python stdlib and will run locally; nothing is downloaded from arbitrary third-party URLs. This is low install-surface risk.
Credentials
Functionally the skill only needs one secret (TWITTER_API_KEY), which is proportionate. But the package/registry metadata does not declare this required env var or a primary credential (the SKILL.md and scripts do). That mismatch is concerning because platforms may not surface the requirement to users. Additionally, allowing TWITTER_API_BASE to be set by env var means the key could be sent to a non-twitterapi.io host if misconfigured.
Persistence & Privilege
The skill is not always-enabled and does not request persistent platform privileges. It does not modify other skills or system-wide settings. Autonomous invocation is allowed (default) but is not combined with other alarming privileges here.
What to consider before installing
This skill appears to do what it claims (fetch tweets via twitterapi.io) and the Python scripts are readable and use only stdlib. Before installing or running it:
- Treat TWITTER_API_KEY as a secret. Only provide your real key if you trust the skill and its source; consider using a throwaway/test key first.
- Verify the platform metadata: the skill's SKILL.md and scripts require TWITTER_API_KEY, but the registry metadata does not declare it. Ask the publisher to update the manifest to list required env vars.
- Do not change TWITTER_API_BASE to an unknown host. If you must override it (for testing), run in an isolated environment and monitor network traffic to ensure your API key isn't sent to an unexpected endpoint.
- If you have security concerns, inspect the two scripts yourself or run them locally with your network blocked (or through a proxy you control) to observe their behavior. Ask the publisher to restrict or validate TWITTER_API_BASE in code if you need stronger guarantees.
Because of the metadata inconsistency and the overridable base URL, I rate this as suspicious rather than benign; these are fixable but should be clarified before broad use.
