Opentwitter

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Twitter/X API helper, but users should understand that their token and queries are sent to the 6551 service.

Install only if you trust the 6551 API provider. Use a revocable or scoped TWITTER_TOKEN if available, avoid submitting sensitive targets or searches you do not want processed by that service, and revoke the token when you no longer need the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill directs users to send bearer-authenticated requests and Twitter query data to a third-party API but does not clearly warn that prompts, usernames, and access tokens are being transmitted off-platform. This creates a real privacy and security risk because users may submit sensitive investigative queries or misunderstand the trust boundary around the external service.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documentation exposes follower-event and deleted-tweet monitoring features without any warning about surveillance, privacy, or acceptable-use concerns. These capabilities can be used for tracking individuals' behavior and inferred relationships, making the omission of safeguards and disclosure a meaningful security/privacy issue in context.

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Get new followers
curl -s -X POST "https://ai.6551.io/open/twitter_follower_events" \
  -H "Authorization: Bearer $TWITTER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"username": "elonmusk", "isFollow": true, "maxResults": 20}'
```
Confidence
90% confidence

External Transmission

Medium
Category
Data Exfiltration
Content
Get deleted tweets from a user.

```bash
curl -s -X POST "https://ai.6551.io/open/twitter_deleted_tweets" \
  -H "Authorization: Bearer $TWITTER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"username": "elonmusk", "maxResults": 20}'
```
Confidence
92% confidence

VirusTotal

64/64 vendors flagged this skill as clean.
