Skill v1.0.2
ClawScan security
X Twitter: ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 1, 2026, 8:56 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are consistent with a PowerShell-based X/Twitter API helper that reads local OAuth1 credentials and calls api.twitter.com; nothing requested appears unrelated to its stated purpose.
- Guidance: This skill appears coherent for managing an X/Twitter account via API using PowerShell and a local credentials file. Before installing: (1) Create a dedicated X Developer App and use app/tokens with the minimum permissions needed (prefer read-only when possible until you need write actions). (2) Store credentials in the indicated file and set strict file permissions (chmod 600 / icacls) as recommended. (3) Treat the access token/secret as sensitive and rotate/revoke them if the host or skill usage is ever suspect. (4) Remember the skill is instruction-only: it relies on the agent's runtime for network calls — only grant it to agents you trust to make requests to api.twitter.com. (5) If you need stronger assurance, review the truncated request examples in SKILL.md (or test in an isolated environment) to confirm all network calls go only to api.twitter.com and that no additional telemetry or external endpoints are used.
Review Dimensions
- Purpose & Capability: ok. Name, description, declared required binaries (powershell/pwsh), and the explicit requirement to read ~/.config/x-twitter/credentials.json align with a Twitter/X API manager that needs OAuth keys and secrets. There are no unrelated env vars, binaries, or config paths requested.
- Instruction Scope: ok. SKILL.md explicitly instructs the agent to read the local credentials file, construct OAuth 1.0a headers, and call api.twitter.com endpoints. It does not instruct reading unrelated system files, requesting other credentials, or sending data to third-party endpoints. The doc also advises restricting file permissions and rotating tokens, which is appropriate operational guidance.
- Install Mechanism: ok. There is no install spec and no code files to write to disk; the skill is instruction-only. This minimizes install-time risk—nothing is downloaded or installed by the skill itself.
- Credentials: ok. The only sensitive data required are the four OAuth fields stored in the declared credentials.json path, which is necessary for the stated capabilities. No unrelated credentials or broad environment access is requested.
- Persistence & Privilege: ok. always is false (default); the skill is user-invocable and may be called autonomously (platform default) but does not request permanent presence or system-wide configuration changes.
