xAI Plus

Advisory. Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.env_credential_access, suspicious.exposed_secret_literal

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

You have less external context for verifying the publisher or upstream project before trusting the bundled scripts with an API key.

Why it was flagged

The skill has limited upstream provenance information, although the artifacts do not show remote install scripts, package downloads, or hidden dependencies.

Skill content
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Recommendation

Verify the registry owner/package before use and prefer a dedicated, revocable xAI API key.

What this means

The skill can consume your xAI account quota when invoked and may reuse an existing xAI/search-related API key from local config.

Why it was flagged

The script reads an xAI credential from environment variables or local Clawdbot config, including fallback aliases for related skill entries, then uses it for xAI API authentication.

Skill content
process.env.XAI_API_KEY || j?.env?.XAI_API_KEY || j?.skills?.entries?.["xai-plus"]?.apiKey || ... ["grok-search"]?.apiKey || ... ["search-x"]?.apiKey
Recommendation

Use a dedicated xAI API key for this skill, store it only in the intended config location, and revoke or rotate it if you stop using the skill.

What this means

Sensitive text or selected image contents may be transmitted to xAI when the skill is used.

Why it was flagged

User prompts and any image files passed with --image are encoded into the request body and sent to xAI; other scripts similarly send search and analysis prompts to api.x.ai.

Skill content
content.push({ type: "input_image", image_url: toDataUrl(img) }); ... fetch("https://api.x.ai/v1/responses", ... body: JSON.stringify(body))
Recommendation

Do not send confidential prompts or images unless that is acceptable for your xAI account and data-handling expectations.

Findings (7)

critical: suspicious.env_credential_access
Location: scripts/analyze.mjs:36
Finding: Environment variable access combined with network send.

critical: suspicious.env_credential_access
Location: scripts/chat.mjs:34
Finding: Environment variable access combined with network send.

critical: suspicious.env_credential_access
Location: scripts/grok_search.mjs:44
Finding: Environment variable access combined with network send.

critical: suspicious.exposed_secret_literal
Location: scripts/analyze.mjs:113
Finding: File appears to expose a hardcoded API secret or token.

critical: suspicious.exposed_secret_literal
Location: scripts/chat.mjs:131
Finding: File appears to expose a hardcoded API secret or token.

critical: suspicious.exposed_secret_literal
Location: scripts/grok_search.mjs:156
Finding: File appears to expose a hardcoded API secret or token.

critical: suspicious.exposed_secret_literal
Location: scripts/models.mjs:53
Finding: File appears to expose a hardcoded API secret or token.