Skill v3.8.5

ClawScan security

twitterapi-io · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 29, 2026, 4:06 AM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill largely matches its stated purpose (using TwitterAPI.io) but has clear documentation/metadata mismatches around credentials and sensitive inputs (API key, login cookies, proxy credentials) that are not declared in the registry, so you should not install without clarifying those gaps.
Guidance
This skill appears to implement what it claims (TwitterAPI.io endpoints) but the package metadata fails to declare the sensitive inputs it actually needs. Before installing:
1) confirm the registry/provider will require you to supply TWITTERAPI_IO_KEY (X-API-Key) and that this will be stored/used securely;
2) understand that write operations need login_cookies (session cookie from login) and a residential proxy (credentials), both of which are highly sensitive — do not paste them into public chats or unsecured logs;
3) be cautious calling endpoints that send login_cookies in GET query params (they can end up in logs/urls);
4) verify the skill author/source and prefer official Twitter/X APIs if you need long-running write access; and
5) ask the publisher to update the skill metadata to list required env vars/primary credential and to document how secrets are expected to be provided so you can make an informed decision.

Review Dimensions

Purpose & Capability
concern: The skill's name/description (TwitterAPI.io integration) matches the SKILL.md content, but the registry metadata declares no required environment variables or primary credential while the SKILL.md repeatedly requires an X-API-Key ($TWITTERAPI_IO_KEY) and, for write actions, 'login_cookies' plus residential proxy credentials. That omission is an incoherence: a Twitter API skill should declare the API key and note additional sensitive inputs.
Instruction Scope
note: SKILL.md provides detailed curl examples and explicit instructions for read/write/login flows and warns about sending login_cookies in GET query params. It does not instruct the agent to read arbitrary host files, but it tells users to store the API key in a .env and to supply login_cookies and proxy credentials (sensitive). The guidance to avoid plain shell export is helpful, but the document exposes workflows that could leak secrets (login_cookies in URLs) and relies on the user to handle secrets correctly.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — low risk from an installation-artifact perspective (nothing is downloaded or executed on disk).
Credentials
concern: The skill requires at minimum TWITTERAPI_IO_KEY (X-API-Key) and — if performing writes — login_cookies and residential proxy credentials (including user:pass). None of these are declared in the registry metadata or listed as a primary credential. Requiring login cookies and proxy credentials is expected for this provider but is sensitive; the registry should declare these env/config requirements and the primary credential.
Persistence & Privilege
ok: The skill does not request persistent 'always' inclusion and has no install-time actions that modify other skills or system settings. Autonomous invocation is allowed (platform default) but nothing else elevates privilege.