Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Exa X Search
v1.0.0
Search Twitter/X for tweets, discussions, and sentiment on topics, people, or brands using Exa's tweet category search. Use when the user mentions 'search Tw...
by Mario Karras (@mariokarras)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The name/description (Exa X Search) matches the instructions to run Exa's tweet-category search and analyze tweets. However, the skill implicitly requires a local tool (node tools/clis/exa.js) and a Node runtime that are not declared in the metadata. That omission is an inconsistency: a user would legitimately need the exa.js CLI and node installed to run this skill, so the metadata should have listed them.
Instruction Scope
SKILL.md tells the agent to read .agents/product-marketing-context.md (or .claude/product-marketing-context.md) if present — that instructs the agent to access workspace files outside the skill's declared config paths and could expose unrelated sensitive context. It also directs execution of a local Node script (node tools/clis/exa.js), which may run arbitrary code and perform network calls; the doc gives no detail about what the CLI does, what endpoints it calls, or whether credentials are required. These behaviors are outside the limited surface the metadata describes and should be disclosed.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low install risk (nothing is written to disk by the skill package itself). The primary runtime risk derives from executing local binaries/scripts referenced in the instructions, not from an install step.
Credentials
The skill declares no required environment variables or credentials, yet the workflow implies use of a CLI that likely needs network access and API credentials (Exa or X/Twitter). The SKILL.md does not state which secrets (if any) are required or where they should be provided, creating a mismatch between capability and declared environment needs. Also, reading workspace context files can leak unrelated secrets. The lack of explicit credential requirements is an omission and therefore concerning.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does not include an install step that modifies other skills or system-wide settings. No persistence/privilege flags are set in the metadata.
What to consider before installing
This skill appears to rely on a local Exa CLI (node tools/clis/exa.js) and a Node runtime, but the metadata doesn't declare those requirements or any API credentials. Before installing or using it: (1) verify you have (or are comfortable providing) the exa CLI and Node on the agent's environment; (2) inspect the tools/clis/exa.js script (or confirm its provenance) to ensure it doesn't exfiltrate data or read files you don't want shared; (3) check whether the CLI requires API keys (Exa or X/Twitter) and, if so, only provide them via controlled environment variables or a secrets manager; (4) be cautious about the instruction to read .agents/product-marketing-context.md or .claude/product-marketing-context.md — review those files for sensitive data before allowing the skill to access them. If you cannot validate the exa.js code or the skill's origin, consider not enabling it or running it in an isolated environment.
