Xquik

Pass. Audited by VirusTotal on May 5, 2026.

Overview

Type: OpenClaw Skill
Name: xquik
Version: 1.6.13

The TweetClaw skill bundle is a well-documented integration for X/Twitter automation via the Xquik API. It features robust security instructions, including explicit prompt injection defenses that mandate treating all fetched social media content as untrusted data. The documentation (SKILL.md) enforces strict boundaries: it prohibits the agent from handling raw credentials, requires user confirmation for all write actions and credit-consuming operations, and restricts access to sensitive billing or account-management endpoints. The tool architecture is limited to a single egress origin (xquik.com), and no indicators of malicious intent or intentional vulnerabilities were found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If approved, the agent could post publicly, send DMs, change social account state, start jobs, or spend credits.

Why it was flagged

The skill exposes broad X/Twitter mutation, paid, and recurring actions, but it also clearly requires explicit user confirmation before using them.

Skill content

Before any visible, state-changing, paid, or recurring action, summarize the exact target, account, action, text/media when relevant, and estimated credits, then wait for explicit user confirmation. This includes posting, replying, deleting, liking, retweeting, following, unfollowing, sending DMs, editing profiles, uploading media, creating webhooks, creating monitors, running draws, and starting extraction jobs.

Recommendation

Only approve actions after checking the exact account, target, content, scope, and estimated cost.

What this means

Leaked or overused credentials could allow unauthorized account-backed actions or paid usage.

Why it was flagged

The skill may use sensitive account and payment/signing credentials, but the metadata discloses them and gives protective handling guidance.

Skill content

XQUIK_API_KEY (optional) - Optional Xquik API key for account-backed TweetClaw workflows. Prefer storing it in OpenClaw plugin config rather than exposing it to the agent session.
MPP_SIGNING_KEY (optional) - Optional Machine Payments Protocol signing key for read-only pay-per-use mode. Store as sensitive OpenClaw plugin config and never print it.

Recommendation

Store credentials only in sensitive plugin configuration, avoid pasting them into chat, and rotate them if exposed.

What this means

The safety of the installed @xquik/tweetclaw package depends on that package’s actual code and provenance, not just this guide.

Why it was flagged

The guide instructs installation of an external plugin package, while the provided artifact set contains no plugin code for review.

Skill content

openclaw plugins install @xquik/tweetclaw

Recommendation

Install only from the expected publisher/source, review the package or pin a trusted version where possible, and keep it updated.

Note (High Confidence)
ASI10: Rogue Agents

What this means

A monitor or webhook could continue collecting or notifying about X/Twitter activity after setup.

Why it was flagged

The skill supports recurring monitoring and storage/notification behavior, but it frames them as user-confirmed and scope-limited.

Skill content

For bulk extraction, draw, or monitor requests, keep limits narrow by default. State the requested limit, estimated cost, and storage or notification behavior. Ask for confirmation again if the user expands the scope, changes the target, or asks for recurring monitoring.

Recommendation

Set narrow limits, confirm stop conditions, and periodically review or disable active monitors and webhooks.