Back to skill
Skillv1.0.0
VirusTotal security
fapi.uk Twitter All-in-One API · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 6:44 AM
- Hash
- 515698e679f58772a23db7eef0efd0db547aa949ce7287f91f4282eea309498c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: fapi-twitter Version: 1.0.0 The skill requires users to provide highly sensitive Twitter session credentials (auth_token and ct0) and an API key to be sent to a third-party service (fapi.uk). While this is aligned with the stated purpose of providing an unofficial Twitter API, the requirement to share session tokens with an external endpoint poses a significant security risk to the user's account. No evidence of intentional exfiltration to unauthorized parties or hidden malicious code was found in the provided SKILL.md or README.md.
- External report
- View on VirusTotal