Twitter Operations
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: twitter-operations
Version: 1.0.0
The skill is classified as suspicious due to several high-risk capabilities, even though no explicit malicious intent is demonstrated in the provided files. Key indicators include the ability to 'scrape tweets and user profiles' and 'archive tweets and user data' (implying extensive data collection), the `python-dotenv` dependency (allowing access to environment variables), and the use of 'alert-webhook' in examples (demonstrating outbound network connections to arbitrary URLs, a potential exfiltration vector). Additionally, 'bulk operations' and local file writing for analytics (`~/twitter_stats.csv`) present further risks if misused.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: If invoked too broadly, the agent could damage reputation, violate platform rules, or alter an account at scale.
Finding: These are high-impact account actions that can publish content, interact with private messages, and alter follower/block state, but the artifact does not specify approval gates, hard limits, or rollback protections.
Evidence: "Post tweets and threads", "Reply to mentions and direct messages", "Follow/unfollow users based on criteria", "Like and retweet content", "Bulk operations (mass follow/unfollow/block)", "Community management and moderation"
Recommendation: Require explicit user approval before every post, DM/reply, like/retweet, follow/unfollow/block, or moderation action; add dry-run previews and strict per-task limits.
Impact: The user may unknowingly run automation that appears deceptive or violates Twitter/X automation policies.
Finding: This wording suggests making automated bulk activity look like human behavior, which is a risky framing for social-platform automation and may encourage evasion of platform safeguards.
Evidence: "Add delays between bulk operations to appear more human-like"
Recommendation: Remove stealth-style guidance and replace it with clear compliance language, opt-in rate limits, and warnings against spam or evasion.
Impact: A broadly scoped token could let the agent post, read, or mutate account data beyond what the user intended.
Finding: The skill describes using OAuth credentials and potentially multiple accounts, while registry metadata declares no primary credential or required env vars; token scope and account boundaries are not defined.
Evidence: "Handle Twitter authentication (OAuth 1.0a/2.0)" ... "Manage multiple Twitter accounts" ... "credentials_file": "~/.openclaw/twitter_credentials.json"
Recommendation: Declare the credential requirement in metadata, document the minimum OAuth scopes, bind each operation to a selected account, and avoid storing or using tokens without explicit user setup.
Impact: The skill could continue monitoring or replying after the user's immediate task, creating unwanted public interactions.
Finding: These capabilities imply ongoing autonomous behavior, but the artifact does not define duration limits, stop commands, approval review queues, or containment for automated responses.
Evidence: "Implement Twitter bot functionality", "Auto-reply to specific keywords or patterns", "Real-time streaming of tweets", "Detect and respond to specific user interactions"
Recommendation: Require explicit start/stop controls, maximum runtime, review-before-send defaults, and visible status/audit logs for any scheduled, streaming, or auto-reply mode.
Impact: Tweets, account analytics, or other social data may be retained locally longer or more broadly than the user expects.
Finding: The skill enables persistent archiving of tweets and user data, but the visible artifact does not define retention, exclusions, access controls, or whether private account data could be included.
Evidence: "Archive tweets and user data", "archive_tweets": true, "archive_dir": "~/.openclaw/archives/twitter"
Recommendation: Make archiving opt-in, define exactly what is stored, add retention and deletion controls, and avoid storing private messages or sensitive account data unless explicitly requested.
