opentwitter

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Twitter/X lookup skill that sends user-directed API requests and a required token to a disclosed 6551 endpoint.

Install only if you trust the 6551 API service with your TWITTER_TOKEN and the usernames, searches, follower-event checks, or deleted-tweet lookups you submit. Prefer a dedicated or revocable token, avoid sensitive investigations unless appropriate, and review the provider's privacy and retention practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill repeatedly instructs users to send a Bearer token to a third-party service but does not include any warning about credential sensitivity, storage, rotation, scope, or trust of the remote endpoint. This is dangerous because users may paste production secrets into an unvetted external API workflow without understanding that the token will be transmitted off-host on every request.

External Transmission

Medium
Category
Data Exfiltration
Content
      env:
        - TWITTER_TOKEN
      bins:
        - curl
    primaryEnv: TWITTER_TOKEN
    emoji: "\U0001F426"
    install:
Confidence
87% confidence
Finding
curl primaryEnv: TWITTER_TOKEN emoji: "\U0001F426" install: - id: curl kind: brew formula: curl label: curl (HTTP client) os: - darwin - linux

External Transmission

Medium
Category
Data Exfiltration
Content
Search tweets with various filters.

```bash
curl -s -X POST "https://ai.6551.io/open/twitter_search" \
  -H "Authorization: Bearer $TWITTER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"keywords": "bitcoin", "maxResults": 20, "product": "Top"}'
```
Confidence
92% confidence
Finding
curl -s -X POST "https://ai.6551.io/open/twitter_search" \ -H "Authorization: Bearer $TWITTER_TOKEN" \ -H "Content-Type: application/json" \ -d '{"keywords": "bitcoin", "maxResults": 20, "produc

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
# Get new followers
curl -s -X POST "https://ai.6551.io/open/twitter_follower_events" \
  -H "Authorization: Bearer $TWITTER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"username": "elonmusk", "isFollow": true, "maxResults": 20}'
```
Confidence
91% confidence
Finding
curl -s -X POST "https://ai.6551.io/open/twitter_follower_events" \ -H "Authorization: Bearer $TWITTER_TOKEN" \ -H "Content-Type: application/json" \ -d '{"username": "elonmusk", "isFollow": tru

External Transmission

Medium
Category
Data Exfiltration
Content
Get deleted tweets from a user.

```bash
curl -s -X POST "https://ai.6551.io/open/twitter_deleted_tweets" \
  -H "Authorization: Bearer $TWITTER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"username": "elonmusk", "maxResults": 20}'
```
Confidence
92% confidence
Finding
curl -s -X POST "https://ai.6551.io/open/twitter_deleted_tweets" \ -H "Authorization: Bearer $TWITTER_TOKEN" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
Get which KOLs (Key Opinion Leaders) are following a user.

```bash
curl -s -X POST "https://ai.6551.io/open/twitter_kol_followers" \
  -H "Authorization: Bearer $TWITTER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"username": "elonmusk"}'
```
Confidence
90% confidence
Finding
curl -s -X POST "https://ai.6551.io/open/twitter_kol_followers" \ -H "Authorization: Bearer $TWITTER_TOKEN" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
### Crypto Twitter KOL Tweets
```bash
curl -s -X POST "https://ai.6551.io/open/twitter_user_tweets" \
  -H "Authorization: Bearer $TWITTER_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"username": "VitalikButerin", "maxResults": 10}'
```
Confidence
90% confidence
Finding
curl -s -X POST "https://ai.6551.io/open/twitter_user_tweets" \ -H "Authorization: Bearer $TWITTER_TOKEN" \ -H "Content-Type: application/json" \ -d '{"username": "VitalikButerin", "maxResults":

VirusTotal

66/66 vendors flagged this skill as clean.
