Skill v1.0.0

ClawScan security

Twitter Article Reader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 3:15 PM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and instructions match its stated purpose (fetch Twitter/X content via the jina.ai proxy); it is an instruction-only skill with no extra credentials or installs, though it does route content through a third-party proxy (jina.ai).
Guidance
This skill appears internally consistent and low-risk technically because it only gives instructions to fetch content via the jina.ai proxy and uses no credentials or installs. Before installing, consider:
1) Privacy: using r.jina.ai sends the target URL (and the fetched content) to a third party (jina.ai); avoid sending sensitive or private links.
2) Legal/ToS: the proxy bypasses Twitter/X anti-bot measures and may conflict with site terms or paywalls; ensure you have the right to fetch the content.
3) Malicious URLs: do not provide internal/private URLs (e.g., 169.254/localhost or intranet addresses) since web_fetch may attempt network requests.
If you need stronger privacy or compliance, prefer a solution you host yourself or verify jina.ai's privacy policy and retention practices.

Review Dimensions

Purpose & Capability
ok · Name/description (Twitter Article Reader) match the instructions: construct an r.jina.ai proxy URL for the provided Twitter/X link and fetch the rendered markdown. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
note · Instructions are narrowly scoped to building a jina.ai proxy URL and calling the agent's web_fetch tool to retrieve markdown. This is coherent with the purpose, but it explicitly routes the target URL and returned content through the third-party proxy (r.jina.ai), which has privacy and terms-of-service implications.
Install Mechanism
ok · No install spec or code files are present (instruction-only), so nothing is written to disk or installed. This minimizes technical risk from supply-chain installs.
Credentials
ok · The skill declares no environment variables, credentials, or config path access. The declared requirements are proportionate to the described functionality.
Persistence & Privilege
ok · The skill does not request permanent presence (always: false) and does not modify system or other skill configs. Autonomous invocation is allowed by default but is not a sign of misuse by itself.