v1.0.0

Mia Twitter Stealth

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:22 AM.

Analysis

This skill is designed to automate an X/Twitter account while hiding automation and using account tokens, which is risky and needs careful review.

Guidance: Do not install this unless you intentionally want a stealth Twitter/X automation tool and fully understand the account risks. If you proceed, use only audited code, avoid sharing raw session tokens, require manual approval for each public action, and clear any stored browser session data after use.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
Twitter/X automation with advanced stealth techniques to avoid bot detection. ... Hides `navigator.webdriver` ... Masks Chrome automation flags ... Spoofs plugins and languages

The skill explicitly instructs automation that disguises itself from platform bot detection, which is deceptive behavior and can lead users to trust or deploy account automation that may be unsafe or policy-violating.

User impact: Your X/Twitter account could be used in ways that look intentionally hidden from the platform, increasing the risk of account restrictions, reputation harm, or abuse complaints.
Recommendation: Avoid stealth or anti-detection automation; prefer official APIs and transparent, policy-compliant workflows.

Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
mia-twitter post "Hello world" ... mia-twitter reply <tweet-id> ... mia-twitter like --search "AI agents" --limit 10 ... mia-twitter follow --search "founder" --limit 5

The documented commands can mutate a public social account by posting, replying, liking, and following, including search-driven bulk actions, with no described approval gate or preview requirement for each public action.

User impact: The agent could cause visible posts, replies, likes, or follows from your account, potentially creating spam, reputational damage, or unwanted engagement.
Recommendation: Require explicit user confirmation for every post, reply, like, and follow; preview generated content and targets before execution.

Agentic Supply Chain Vulnerabilities
Severity: Medium; Confidence: High; Status: Concern
metadata
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill; No code files present

The SKILL.md references running a mia-twitter CLI with Playwright/Chromium and account credentials, but the reviewed artifacts provide no source, installer, pinned dependencies, or implementation to inspect.

User impact: You would need to trust an unreviewed external command or environment that may receive sensitive account tokens and perform public account actions.
Recommendation: Require reviewed source code, a clear install spec, pinned dependencies, and accurate credential/binary declarations before installation.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High; Confidence: High; Status: Concern
SKILL.md
Requirements

- X_AUTH_TOKEN env var
- X_CT0 env var

These are X/Twitter session credentials that can authorize account activity; the artifacts do not bound how they are used, protected, rotated, or limited, and the registry metadata declares no required credential.

User impact: Providing these values may give the automation broad control over your X/Twitter session and account actions.
Recommendation: Do not provide session tokens to unreviewed tools; use least-privilege OAuth or official API credentials where possible, and declare required credentials in metadata.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
Session Persistence
- Cookie storage
- LocalStorage persistence
- User data directory

The skill plans to persist browser session data, including cookies and local storage, but gives no path, retention, encryption, cleanup, or reuse boundaries.

User impact: Stored session data could let later runs or other local processes reuse your authenticated X/Twitter session.
Recommendation: Define a scoped storage path, protect permissions, encrypt or avoid stored cookies where possible, and provide a clear way to clear saved sessions.