xAI Plus

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its xAI search/chat purpose, but it needs review because it reuses API keys from other skill config entries and includes detailed guidance for avoiding X spam/AI-detection signals.

Review before installing. Use a dedicated, revocable xAI API key for xai-plus, avoid submitting confidential prompts, screenshots, drafts, or regulated data, and do not rely on the social-media guidance to evade platform rules or moderation systems.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (9)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
This section goes beyond neutral analysis and provides concrete ranking-signal guidance for maximizing reach and avoiding negative signals on X. In a skill intended for post analysis, embedding platform-optimization tactics can enable manipulation of recommendation systems and evasion of normal engagement-quality safeguards.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The guidance discusses account-level posting cadence and interaction-volume thresholds, which shifts the feature from evaluating a single post to advising on behavior patterns that avoid spam detection. That creates operational anti-detection value for users seeking to push aggressive engagement strategies while staying below enforcement heuristics.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The script reads secrets from a global ~/.clawdbot config and, more concerningly, falls back to API keys stored under other skill entries such as grok-search and search-x. That creates cross-skill credential access beyond what this skill needs, so a user invoking this skill may unknowingly authorize it to use unrelated stored secrets and bill or act under another integration's credentials.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends user prompts, images, and analyzed X/Twitter content to xAI's external API, but the documentation does not clearly warn users that this data leaves the local environment and may be processed or retained by a third party. In an agent setting, users may unknowingly submit sensitive text, screenshots, or account-analysis targets, creating privacy, compliance, and data-handling risks.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explains multiple locations from which API keys are loaded, including environment variables and user config files, but it does not include guidance on securing those credentials or avoiding accidental exposure in shared shells, repos, logs, or screenshots. This increases the chance of credential leakage and subsequent unauthorized use of the xAI account.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This section gives concrete posting-volume, reply, and engagement tactics aimed at maximizing reach while avoiding spam detection, but it does not include clear warnings about platform rules, account enforcement, or abuse risks. In a skill focused on X/Twitter research and content analysis, this can enable policy-violating growth tactics or evasive behavior that could lead to account restrictions or be repurposed for coordinated spammy activity.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The document provides detailed, actionable tactics for maximizing reach, evading suppression signals, and recovering from flags or shadowbans, including volume thresholds and behavioral guidance. In the context of a skill designed to search and analyze X/Twitter content, this can enable users to circumvent platform moderation heuristics and optimize spam-like or manipulative behavior without any safety framing, policy caveats, or abuse-prevention boundaries.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
User-supplied post text, account handles, trend topics, and fetched X content are sent to the external xAI API without any explicit consent prompt, redaction step, or visible warning at the point of transmission. In this skill context, users may provide draft posts or sensitive research content and may not realize that all of it leaves the local environment for third-party processing.

Ssd 4

Medium
Confidence
96% confidence
Finding
The post-safety material incrementally teaches users how to rewrite content to appear more human, avoid spam/AI signals, and optimize for platform performance. Combined with concrete examples and scoring rules, this can be used to systematically evade detection mechanisms and scale manipulative or deceptive posting behavior.

VirusTotal

63/63 vendors flagged this skill as clean.
