AIsa Twitter API

Security checks across malware telemetry and agentic risk

Overview

This Twitter/X skill mostly matches its stated purpose, but it exposes the AIsa API key in normal command output.

Review carefully before installing. Use it only if you are comfortable sending Twitter/X requests and selected media through AIsa; avoid sharing command output, avoid running it where output is captured in shared logs or CI, and rotate AISA_API_KEY if output from this skill may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding:
The post/publish path returns the raw AIsa API key in user-visible JSON output, which is unnecessary for tweet publishing and directly exposes a bearer credential. Any terminal logs, agent transcripts, screenshots, or downstream tooling that captures command output could reuse that key to call the AIsa API and act with the user's privileges.

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding:
The authorization command prints the API key together with the authorization URL, exposing the bearer token during a flow that is likely to be copied, shared, or displayed to a user. Because this is an OAuth helper, users may reasonably expect only a login URL, not disclosure of the underlying service credential.

Missing User Warnings

Severity: High
Confidence: 98%
Finding:
Including an unmasked API key in normal JSON output is a concrete secret-handling flaw, not merely a quality issue. In agent or automation environments, stdout is often persisted centrally, so this creates durable credential leakage well beyond the local machine.

VirusTotal

66/66 vendors flagged this skill as clean.