ClawHub

Twitter Command Center Search Post

v1.0.0

Search X/Twitter profiles, tweets, trends, and OAuth-gated posting through AIsa. Use when: the user needs Twitter research, monitoring, or engagement workflo...

0· 18·0 current·0 all-time
by@baofeng-tech
Security Scan
Capability signals
Requires OAuth tokenRequires sensitive credentialsPosts externally
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the observed behavior: the bundled Python scripts implement read/search operations and OAuth-backed posting via an AIsa relay. Required binary (python3) and primaryEnv (AISA_API_KEY) are appropriate and necessary for the declared functionality.
Instruction Scope
SKILL.md instructions stay within the Twitter/X research/posting scope and instruct using the included scripts and workspace media files. Important note: publishing and media uploads are proxied through a relay backend (default https://api.aisa.one), so user content, attachments, and the AISA_API_KEY are transmitted to that service. The skill avoids asking for passwords/cookies, which matches the guardrails.
Install Mechanism
No install spec; this is instruction + bundled script package. There are no external downloads or package installs in the package metadata, so nothing arbitrary is fetched during install. The risk surface is executing the included Python scripts locally.
Credentials
The declared AISA_API_KEY is appropriate as the primary credential. However, the scripts also read additional env vars (e.g., TWITTER_RELAY_BASE_URL, TWITTER_RELAY_TIMEOUT) that are not declared in requires.env in SKILL.md. These overrides can change where requests are sent and should be considered when assessing trust.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent system-wide privileges or modify other skills. Autonomous invocation is permitted (platform default) but not combined here with other high-risk indicators.
Assessment
This package appears internally consistent: it requires python3 and a single AISA_API_KEY, and the included scripts implement the advertised Twitter/X search and OAuth posting flows. Before installing or running: 1) Understand that your AISA_API_KEY, tweet content, and any image/video attachments will be transmitted to a third-party relay (default: https://api.aisa.one). Only proceed if you trust that service. 2) The scripts accept environment overrides (e.g., TWITTER_RELAY_BASE_URL) that are not declared in SKILL.md—review and lock those if you need to control endpoint behavior. 3) Inspect the included Python files yourself (they are bundled) to confirm no undesired network calls or logging occur, and consider using a dedicated API key with limited scope. 4) If you need stronger assurances, run the scripts in a sandbox or local network-restricted environment first.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🐦 Clawdis
Binspython3
EnvAISA_API_KEY
Primary envAISA_API_KEY
latestvk976yjhn5xgssrffx7yn0ejj6d85av0d
18downloads
0stars
1versions
Updated 4h ago
v1.0.0
MIT-0
@baofeng-tech
latest
Download

Twitter Command Center Search Post

Search X/Twitter profiles, tweets, trends, and OAuth-gated posting through AIsa. Use when: the user needs Twitter research, monitoring, or engagement workflows. Supports search, monitoring, and approved posting.

When to use

  • The user needs Twitter/X research, monitoring, posting, or engagement workflows.
  • The user wants profiles, timelines, trends, lists, communities, or Spaces.
  • The user wants approved posting without sharing passwords.

High-Intent Workflows

  • Research an account or conversation thread.
  • Monitor a keyword, trend, or competitor.
  • Authorize and publish a post after explicit approval.

Quick Reference

  • python3 scripts/twitter_client.py --help
  • python3 scripts/twitter_oauth_client.py --help

Setup

  • AISA_API_KEY is required for AIsa-backed API access.
  • Use repo-relative scripts/ paths from the shipped package.
  • Prefer explicit CLI auth flags when a script exposes them.

Example Requests

  • Research recent AI agent conversations on X
  • Search how users are reacting to a product launch on Twitter
  • Authorize and publish a short product update post

Guardrails

  • Do not ask for passwords, cookies, or browser credentials.
  • Do not claim posting succeeded until the API confirms it.
  • Return authorization links instead of relying on auto-open behavior.

Comments

Loading comments...