Search X

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed X/Twitter search helper that sends user-directed search queries to xAI, with no artifact-backed evidence of hidden or destructive behavior.

Before installing, understand that tweet-search prompts may be sent to xAI using your configured XAI_API_KEY. If you want tighter control, invoke it only with explicit X/Twitter search phrasing and keep the API key in a scoped local config or environment variable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrase "find tweets" is broad and can match ordinary user requests, causing the skill to activate when the user did not specifically intend to invoke this integration. That can redirect user queries to an external service, potentially sending sensitive or unrelated prompts to xAI/X search unexpectedly.

Shadow Command Trigger

Medium
Category: Trigger Abuse
Confidence: 87%
Finding
The trigger "search x" overlaps with a built-in "search" command and can shadow or intercept user intent intended for core search functionality. In agent systems, trigger collisions are dangerous because they can silently alter execution flow and send requests to a third-party provider instead of the trusted built-in tool.

Shadow Command Trigger

Medium
Category: Trigger Abuse
Confidence: 87%
Finding
The trigger "search twitter" similarly conflicts with the built-in "search" command and may capture generic search requests. This can cause unintended tool invocation, third-party data disclosure, and user confusion about which search backend is being used.

Shadow Command Trigger

Medium
Category: Trigger Abuse
Confidence: 90%
Finding
The trigger "find tweets" conflicts with a built-in "find" command and is also broadly phrased, increasing the chance of accidental activation. In context, this skill sends queries to an external API, so misrouting benign user requests has real privacy and integrity consequences even if the skill author appears benign.

VirusTotal

63/63 vendors flagged this skill as clean.
