Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Social Listening

v1.0.0

Monitors social conversations and sentiment around brands, topics, or industries by searching tweets and discussions to surface insights. Use when the user w...

by Mario Karras (@mariokarras)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md expects the agent to run exa.js to search tweets, forums and other sources, which is directly relevant to social listening — but the skill metadata does not declare any required binaries, install steps, or credentials. That mismatch (calling a specific CLI without declaring it) is incoherent: a legitimate social-listening skill should declare the search tool it needs and any API credentials it requires.
Instruction Scope
Instructions explicitly tell the agent to read local context files if they exist (.agents/product-marketing-context.md or .claude/product-marketing-context.md). Reading those files may be reasonable for marketing context, but it gives the skill permission to access user filesystem content beyond the immediate task. The workflow also instructs wide-ranging searches and aggregation but does not constrain where results may be sent.
Install Mechanism
There is no install spec (instruction-only), which reduces direct installation risk. However, the runtime instructions rely on exa.js (a specific CLI), and no guidance is given about how to obtain or trust that tool. That omission is notable but not itself high-risk.
Credentials
The skill declares no required environment variables or credentials, yet it performs searches of Twitter/X and other platforms via exa.js. Accessing those APIs normally requires API keys/tokens or authenticated access; the absence of declared credentials is disproportionate and ambiguous. The SKILL.md also allows reading an agent-local context file which may contain sensitive information.
Persistence & Privilege
The skill is not forced-always and is user-invocable; it does not request persistent presence or system-wide changes in the instructions. It does not claim to modify other skills or global agent configuration.
What to consider before installing
Before installing or enabling this skill, ask the publisher to clarify: (1) which binary/executable provides the 'exa.js' command and how to install/verify it, (2) whether any API keys or tokens (Twitter/X or other platforms) are required and how they should be provided (declared env vars), and (3) what exactly will be read from local files (the .agents/.claude context file) and whether those files can contain sensitive data. If you proceed, run the skill in a sandboxed environment, confirm network activity and what endpoints are contacted, and avoid providing broad credentials until you verify the toolchain and publisher. If you cannot obtain this clarification, treat the skill as untrusted.
