xAI / Grok
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: x-ai Version: 1.0.2 The skill is classified as suspicious due to a potential arbitrary file read vulnerability in `scripts/chat.js`. The `imageToBase64` function uses `path.resolve` and `fs.readFileSync` on a user-provided image path. While it includes an extension whitelist (e.g., `.jpg`, `.png`), an attacker could potentially craft a path (e.g., `../../../secrets/mykey.png`) to read sensitive files that happen to have an allowed image extension and are accessible via path traversal. This is a vulnerability, not clear malicious intent, as the code's purpose is to facilitate image uploads to the xAI API. No evidence of prompt injection or other malicious behavior was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the skill is authorizing requests under their xAI account and may incur usage or expose account-scoped access permitted by that key.
The script uses the user's xAI API key as a bearer token for xAI API calls. This is expected for the integration, but it grants account/API quota authority.
function getApiKey() { return process.env.XAI_API_KEY || null; } ... 'Authorization': `Bearer ${apiKey}`Use a dedicated xAI API key if possible, keep it out of logs and shared shells, and revoke or rotate it if it may have been exposed.
Private prompts, image contents, and search queries may leave the local environment and be processed by xAI according to that service's terms and retention practices.
The skill discloses that prompts, selected images, and search requests are sent to xAI. This external provider data flow is central to the purpose and is not hidden.
Sends chat prompts to xAI's API at `api.x.ai` ... Vision mode sends images to xAI for analysis ... Uses xAI Responses API with x_search tool
Avoid sending confidential text or sensitive images unless you are comfortable sharing them with xAI under your account and policy requirements.