X Extract

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: x-extract
Version: 1.0.0

The skill is suspicious due to a potential shell injection vulnerability in `SKILL.md`. The instructions for the AI agent explicitly use `exec` with `curl` to download media, constructing a shell command with `<media-url>` taken directly from an external source (x.com). If a malicious actor could control the content of `<media-url>` (e.g., by posting a tweet with a specially crafted URL containing shell metacharacters), this could lead to arbitrary command execution on the agent's host. This is a high-risk vulnerability, even if the stated purpose of downloading media is benign.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the selected browser profile is logged in, the agent could retrieve or display content that is visible only because of the user's account session, not just public tweet data.

Why it was flagged

The skill uses a browser profile, which may contain a logged-in X session, while presenting the workflow as credential-free and unable to access login-required content. The artifacts do not bound the profile to a clean unauthenticated session.

Skill content

browser action=open profile=openclaw targetUrl=<x.com-url>
...
**No credentials**: Cannot access protected tweets, DMs, or login-required content

Recommendation

Use a fresh, non-logged-in browser profile for this skill, and require explicit user confirmation before extracting anything that appears protected, private, age-restricted, or account-specific.

What this means

The agent may save remote media files onto the user's machine when asked to download images.

Why it was flagged

The media-download feature intentionally invokes local command-line download tools using URLs found in the page. This is purpose-aligned and user-requested, but it is still local command execution and remote file download.

Skill content

If user requests `--download-media` or "download images" ...
Use `exec` with `curl` or `wget` to download: `curl -L -o "tweet-{tweetId}-image-{n}.jpg" "<media-url>"`

Recommendation

Only download media after user approval, restrict downloads to expected X/Twitter media hosts where possible, and report exact saved paths.