Back to skill
Skillv1.0.2
VirusTotal security
Tweet Summarizer Lite · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:20 AM
- Hash
- d197543573c3e1aad892e3225f80028459f82ac464a5583c20a87fddfe47d8a2
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: tweet-summarizer-lite Version: 1.0.2 The skill's functionality aligns with its stated purpose of fetching and summarizing tweets, which inherently requires access to Twitter via user-provided session cookies (`AUTH_TOKEN`, `CT0`). These sensitive credentials are handled via environment variables, a recommended practice, and are explicitly documented in `SKILL.md`, `README.md`, and a comprehensive `SECURITY.md`. The `SECURITY.md` file is particularly strong, detailing risks, best practices, and explicitly stating 'No data exfiltration' and 'No credential logging'. The code uses `subprocess.run` to execute the `bird` CLI, passing arguments and environment variables, which is a legitimate use for its function. There is no evidence of obfuscation, unauthorized data exfiltration, persistence mechanisms, or prompt injection attempts against the agent. The local storage of tweets is within the designated workspace.
- External report
- View on VirusTotal