Opentwitter
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill is coherent with its stated purpose of querying a Twitter/X data API, but users should notice that it sends requests and a bearer token to an external 6551 service.
Before installing, confirm that you trust the 6551 service and the skill publisher, use a limited or revocable token if possible, and avoid sending sensitive search terms or account identifiers unless you are comfortable sharing them with that provider.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can use the documented commands to query Twitter/X-related data through the 6551 API.
The skill exposes direct curl-based API operations. This is purpose-aligned for an API data skill, but users should understand that requests are made directly to the external service.
curl -s -X POST "https://ai.6551.io/open/twitter_search" ... -H "Authorization: Bearer $TWITTER_TOKEN"
Use the skill for intended queries only and review requested usernames, search terms, and limits before allowing broad automated use.
Anyone or any agent process using this skill with the environment variable can make authenticated 6551 API requests under that token.
The skill requires a bearer token for the 6551 API. This is disclosed and expected, but the token is still delegated account authority.
All endpoints require a Bearer token via `$TWITTER_TOKEN`.
Provide a scoped token if available, keep it out of logs and shared sessions, and revoke it if you stop using the skill.
Users have less registry-level context for who maintains the skill and where to verify it.
The package provenance is not fully described. There is no included executable code beyond instructions, so this is a provenance notice rather than a concrete unsafe behavior.
Source: unknown; Homepage: none
Verify that the publisher and 6551 API endpoint are trusted before installing or providing a token.
Twitter/X usernames, search terms, and the bearer token are transmitted to the 6551 API when the skill is used.
The skill sends authenticated requests and query parameters to an external provider. This is disclosed and purpose-aligned, but it is a data boundary users should notice.
**Base URL**: `https://ai.6551.io`
Do not send sensitive private inputs as search parameters unless you are comfortable sharing them with the provider.