ClawHub

TwitterApi Research

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, read-only X/Twitter research helper that uses twitterapi.io and local cache files, with no evidence of hidden posting, destructive actions, or unrelated data exfiltration.

Install only if you are comfortable sending X/Twitter research queries, profile names, tweet IDs, and your twitterapi.io API key to that provider. Use a dedicated prepaid API key, prefer TWITTERAPI_IO_KEY in the environment over a shared global.env file, monitor API-credit usage, and clear cache, watchlist, and draft files after sensitive research.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The code reads an API key not only from the process environment but also from a user-local file at ~/.config/env/global.env. That expands the skill's credential-access scope beyond what is necessary for X research and allows the skill to consume locally stored secrets without an explicit user opt-in, which is risky in an agent setting where tool behavior should be narrowly scoped and transparent.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The natural-language triggers are broad conversational phrases like 'what are people saying about' and 'check X for', which could cause the skill to activate unintentionally in normal dialogue. In an agent environment, accidental invocation can lead to unexpected external API calls, data transmission to a third party, and unnecessary spend using the configured API key.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger phrases include broad natural-language patterns such as 'what are people saying about' and 'check X for,' which are common conversational requests and may cause accidental invocation. Overly broad activation can route sensitive user prompts into a networked third-party workflow without clear intent, increasing the chance of privacy leakage or unnecessary API calls. Because this skill performs external lookups, false activations are more consequential than for a purely local tool.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill mentions use of twitterapi.io, but it does not clearly warn users that their queries, usernames, tweet IDs, and other requested subjects will be transmitted to a third-party service. This is a privacy and data-handling transparency issue: users may assume they are only searching public X content, not exporting their research intent or targets to another provider. The risk is amplified by the skill's broad research use cases, which may include sensitive business, reputation, or personal topics.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The search path sends user-provided queries, usernames, tweet IDs, and related identifiers to twitterapi.io, a third-party service, without any disclosure or consent mechanism at the call site. In a research agent, users may assume local processing, so undisclosed transmission can leak sensitive prompts, targets, or investigative topics to an external provider.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal