Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

X Ads CLI

v1.0.0

X Ads data analysis and reporting via x-ads-cli. Use when the user wants to check X/Twitter ad performance, pull campaign/line item/promoted tweet stats, exp...

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Can make purchases · Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md behavior (query ad accounts, campaigns, line items, stats) aligns with the skill name and description — the advertised capabilities are coherent for an X Ads reporting tool.
! Instruction Scope
The runtime instructions reference four OAuth 1.0a credentials (API Key/Secret, Access Token/Secret) and a credentials file (~/.config/x-ads-cli/credentials.json), but the skill registry metadata lists no required environment variables or credentials. The instructions also instruct the agent/user to run external commands (x-ads-cli) and to install an npm package if missing. SKILL.md therefore accesses sensitive data and external programs not reflected in the metadata.
Install Mechanism
There is no install spec in the registry (instruction-only), but the doc tells users to run 'npm install -g x-ads-cli' if the CLI is missing. Installing an npm package globally is a reasonable deployment method for a CLI, but it introduces supply-chain risk if the package provenance is unknown. The skill does not provide a verified source (homepage/GitHub) for the package.
! Credentials
The tool legitimately needs OAuth credentials for X Ads, but the registry metadata declares no required env vars or primary credential while SKILL.md expects X_ADS_API_KEY, X_ADS_API_SECRET, X_ADS_ACCESS_TOKEN, and X_ADS_ACCESS_TOKEN_SECRET and/or a credentials file. That mismatch means automated permission checks could underreport what the skill needs; these are sensitive secrets and should be declared.
Persistence & Privilege
The skill does not request always:true and does not declare system-wide persistence. It does read a credentials file in the user's home config directory (expected for CLI tools). Autonomous invocation is allowed by default — combine that with credential access only if you trust the skill/package.
What to consider before installing
Before installing or enabling this skill:
1) Verify the x-ads-cli package provenance (official repo or publisher) — do not blindly npm install a package with no homepage.
2) Expect to supply four OAuth credentials or a credentials file; treat these as sensitive secrets and only provide them if you trust the CLI's origin.
3) Prefer passing a per-command credentials file (the --credentials flag) or using least-privilege tokens rather than storing tokens in a shared home config.
4) Because the registry metadata does not list the required env vars, consider this a metadata/packaging oversight — ask the skill author for a source URL or signed release before granting access.
5) If you cannot verify the package source, do not install it globally; consider running it in an isolated environment (container/VM) and review what network calls it makes.

Like a lobster shell, security has layers — review code before you run it.

latestvk971sv36eakaaajmgrqzf443hh84cwgm
