Aisa Twitter Api
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly matches its stated Twitter/X posting and search purpose, but it has credential-handling and relay-configuration gaps that could expose the AIsa API key or Twitter/X account tokens if it is used incautiously.
Install only if you trust AIsa as a relay for your Twitter/X activity. Before use, leave TWITTER_RELAY_BASE_URL unset or verify it points to the intended AIsa HTTPS endpoint, do not enter a TWITTER_TOKEN unless the publisher explains why it is needed, and explicitly review anything you ask the agent to post.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If TWITTER_RELAY_BASE_URL is set unexpectedly or maliciously, the user's AIsa API key, tweet text, and uploaded media could be sent to an unknown or non-TLS relay.
Credential-bearing OAuth and posting requests can be pointed at an environment-selected relay host, including plain HTTP, rather than being pinned to the documented AIsa HTTPS endpoint.
`base_url = normalize_base_url(get_env("TWITTER_RELAY_BASE_URL", DEFAULT_BASE_URL)) ... if parsed.scheme not in {"http", "https"} ... "Authorization": f"Bearer {aisa_api_key}"`
Keep TWITTER_RELAY_BASE_URL unset unless you intentionally trust the alternate relay; the publisher should pin the host to https://api.aisa.one by default, require HTTPS for any override, and clearly document when and why an override is supported.
A user may enter a sensitive Twitter credential without understanding whether it is necessary, where it is used, or how to revoke it.
The plugin configuration requests a Twitter token credential, but the provided workflow describes AIsa OAuth with tokens stored server-side and does not clearly explain why a local TWITTER_TOKEN is needed or how it is scoped.
`"TWITTER_TOKEN": { "type": "string", "title": "Twitter Token", "description": "Enter your TWITTER_TOKEN", "format": "password" }`
Do not enter a Twitter token unless the publisher documents exactly why it is needed; the publisher should remove this field or clearly disclose its purpose and scope.
Users may trust that all traffic is limited to AIsa even though the runtime can be configured to send sensitive data elsewhere.
The documentation's host-limitation claim, quoted below, is not fully enforced by the OAuth client, which accepts an alternate TWITTER_RELAY_BASE_URL host for credential-bearing requests.
No other external hosts are contacted. No data is sent to any domain other than `api.aisa.one`.
Treat the host limitation as conditional, verify the relay URL before use, and ask the publisher to align the documentation with the actual code behavior.
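As an added example (not the skill's own code and not part of the ClawScan report) of the hardening recommended for the two relay findings above, the following Python pins credential-bearing requests to https://api.aisa.one, refuses plain HTTP and URLs that embed credentials, and honours an override only when its host is on an explicit allow-list. TWITTER_RELAY_BASE_URL and api.aisa.one are taken from the report; the TWITTER_RELAY_ALLOWED_HOSTS variable and every function name below are assumptions made for illustration. The same check can be run before use to see what a set TWITTER_RELAY_BASE_URL would actually do.

```python
"""Added example: pinned, HTTPS-only relay resolution for a credential-bearing client.

Not the skill's code. TWITTER_RELAY_BASE_URL and api.aisa.one come from the scan
report; TWITTER_RELAY_ALLOWED_HOSTS and all function names are assumptions.
"""
import os
from typing import Mapping, Optional
from urllib.parse import urlsplit, urlunsplit

DEFAULT_BASE_URL = "https://api.aisa.one"
PINNED_HOST = "api.aisa.one"
RELAY_ENV = "TWITTER_RELAY_BASE_URL"
ALLOWLIST_ENV = "TWITTER_RELAY_ALLOWED_HOSTS"  # assumed: comma-separated extra hosts


class RelayConfigError(ValueError):
    """The configured relay would send the AIsa key or tweet data somewhere unsafe."""


def resolve_relay_base_url(env: Optional[Mapping[str, str]] = None) -> str:
    """Return the base URL credential-bearing requests may use, or raise.

    Unlike a client that accepts any http/https scheme from the environment,
    this keeps the documented default, requires HTTPS for overrides, and
    rejects any host that is not the pinned relay or explicitly allow-listed.
    """
    env = os.environ if env is None else env
    raw = env.get(RELAY_ENV, "").strip()
    if not raw:
        return DEFAULT_BASE_URL  # unset is the safe, documented case

    parts = urlsplit(raw)
    if parts.scheme != "https":
        raise RelayConfigError(
            f"{RELAY_ENV} must use https (got {parts.scheme or 'no'} scheme): {raw}")
    host = parts.hostname
    if not host:
        raise RelayConfigError(f"{RELAY_ENV} has no host: {raw}")
    if parts.username is not None or parts.password is not None:
        raise RelayConfigError(f"{RELAY_ENV} must not embed credentials")
    if parts.query or parts.fragment:
        raise RelayConfigError(f"{RELAY_ENV} must not carry a query or fragment")

    allowed = {PINNED_HOST}
    allowed.update(h.strip().lower()
                   for h in env.get(ALLOWLIST_ENV, "").split(",") if h.strip())
    if host.lower() not in allowed:
        raise RelayConfigError(
            f"{RELAY_ENV} host {host!r} is neither the pinned relay nor allow-listed")

    # Keep port and path; drop the trailing slash so callers can append "/v1/..." safely.
    return urlunsplit(("https", parts.netloc, parts.path.rstrip("/"), "", ""))


def relay_is_safe(env: Optional[Mapping[str, str]] = None) -> bool:
    """Pre-use check: True if the environment resolves to an acceptable relay."""
    try:
        resolve_relay_base_url(env)
        return True
    except RelayConfigError:
        return False


def credentialed_request(path: str, aisa_api_key: str,
                         env: Optional[Mapping[str, str]] = None) -> dict:
    """Build the URL and headers for a relay call. The bearer token is only
    attached after the destination has passed resolve_relay_base_url()."""
    base = resolve_relay_base_url(env)
    return {
        "url": f"{base}/{path.lstrip('/')}",
        "headers": {"Authorization": f"Bearer {aisa_api_key}"},
    }


if __name__ == "__main__":
    # Constructed environments for illustration, not captured from a real install.
    for label, env in [
        ("unset", {}),
        ("plain-http", {RELAY_ENV: "http://api.aisa.one"}),
        ("unknown-host", {RELAY_ENV: "https://relay.example.net"}),
        ("allow-listed", {RELAY_ENV: "https://relay.example.net:8443/v1/",
                          ALLOWLIST_ENV: "relay.example.net"}),
    ]:
        try:
            print(f"{label}: ok -> {resolve_relay_base_url(env)}")
        except RelayConfigError as exc:
            print(f"{label}: REJECTED ({exc})")
```

Running the module with a populated TWITTER_RELAY_BASE_URL in the real environment (call `relay_is_safe()` with no argument) gives the "verify the relay URL before use" check from the recommendation above; the design point is that the bearer header is never built for a destination that has not passed the pin and scheme checks.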
A post or media upload may become public on the authorized Twitter/X account.
The skill can publish public Twitter/X posts and upload user-provided media files. This is expected for the stated purpose, but it is a high-impact account action.
Try to publish the requested content first ... If the user attached workspace files, pass each image/video path with `--media-file`.
Use explicit wording when you want the agent to post, review content before requesting publication, and avoid attaching files you do not intend to upload.
Using the skill requires trusting AIsa with tweet content, media uploads, API usage, and server-side Twitter authorization.
The skill uses a third-party relay that can see request data and stores OAuth tokens server-side; this is disclosed and aligned with the purpose.
AIsa can see: All query parameters, tweet content, media files, and the AISA_API_KEY. AIsa stores: OAuth tokens server-side for authorized accounts.
Review AIsa's privacy and retention practices, rotate the AIsa API key if needed, and revoke Twitter/X connected-app access when you no longer use the skill.
