Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Composio Composer Xskill
v1.0.0
Enables posting tweets to Twitter/X through Composio's integration platform via HTTP and BeautifulSoup. Use when posting tweets or integrating with Composio.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The code and docs implement posting/reading/deleting tweets via Composio (HTTP + BeautifulSoup) which matches the skill name/description. However the registry metadata claims no required environment variables while SKILL.md, README.md and config.py reference several COMPOSIO_* variables — this mismatch is unexplained and reduces trust in the metadata.
Instruction Scope
Runtime instructions and the code focus on HTTP interactions with Composio and HTML parsing/submission via BeautifulSoup, which is within the stated purpose. The SKILL.md instructs installing requests/bs4/python-dotenv and configuring a .env or environment variables; note that storing tokens in a .env file (suggested by docs) is a security consideration but is not itself unexpected for this type of skill.
Install Mechanism
There is no platform install spec (instruction-only style), but the package includes code files and a requirements.txt. The SKILL.md instructs pip installing the listed deps (requests, beautifulsoup4, python-dotenv) — these are standard PyPI packages. No remote downloads or obscure install sources are present. It's slightly inconsistent that the registry lists 'no install spec' while full code is bundled, but this is not inherently dangerous.
Credentials
The skill requires several Composio-specific credentials (COMPOSIO_CLIENT_ID, COMPOSIO_API_KEY, COMPOSIO_SESSION_TOKEN, COMPOSIO_BEARER_TOKEN, COMPOSIO_USER_ID) per SKILL.md and config.py. The registry metadata, however, lists no required env vars — that is an inconsistency. The secrets requested are proportional to the stated function, but the mismatch in declared vs. actual required variables and the docs' suggestion to store them in a .env file warrant caution.
Persistence & Privilege
The skill does not request 'always: true' or other elevated persistent privileges and does not attempt to modify other skills or system configuration. It reads environment variables at import time via config.from_env() and offers a from_file() loader, which is normal for a client library.
What to consider before installing:
- Source and trust: The skill's Source/Homepage are unknown; prefer skills from a known publisher. Review the bundled code yourself or run it in an isolated environment before granting real credentials.
- Metadata mismatch: The registry declares no required env vars but SKILL.md and config.py expect multiple COMPOSIO_* secrets. Treat that as a red flag and verify which variables the runtime actually needs.
- README vs. API mismatch: README examples omit an auth token while __init__.py and SKILL.md show a composio_auth_token parameter and config.py reads env vars. Ensure you know whether you must pass tokens in calls or rely on env vars.
- .env handling: Docs recommend python-dotenv but the code does not call load_dotenv() (config.py uses os.getenv). If you plan to use a .env file, you must load it yourself; storing tokens in plaintext files has risk — store secrets securely and limit file permissions.
- Least privilege & rotation: Create and use Composio credentials with minimal permissions, and be prepared to rotate tokens if you install/remove the skill.
- Network endpoints: The default api base is https://backend.composio.dev/api/v1 — confirm this is the correct and expected endpoint for your account.
- If unsure, ask the publisher for clarification (who maintains the skill), or run the code in a sandbox and inspect network traffic before providing production credentials.