Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AIsa Twitter API (Search + Post)
v1.0.1
Searches and reads X (Twitter): profiles, timelines, mentions, followers, tweet search, trends, lists, communities, and Spaces. Publishes posts after the use...
⭐ 4· 3.1k·16 current·16 all-time
by @aisapay
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (Twitter read + post) match the code and SKILL.md: the skill calls a relay API (api.aisa.one) to perform read operations and OAuth-based posting. Requiring AISA_API_KEY, curl, and python3 is consistent with this design. However, the homepage listed (openclaw.ai) differs from the relay domain (aisa.one), which is worth verifying.
Instruction Scope
Runtime instructions and code instruct the agent to (a) read local workspace file paths and upload them to the relay, (b) open OAuth approval links in the browser, and (c) post content on the user's behalf. The code also reads other env vars (TWITTER_RELAY_BASE_URL, TWITTER_RELAY_TIMEOUT) although only AISA_API_KEY is declared in metadata. Uploading local attachments and OAuth tokens to a remote relay is expected for this flow but is a privacy/exfiltration risk users must accept explicitly.
Install Mechanism
No install spec (instruction-only with included scripts). No downloads from arbitrary URLs; scripts are provided with the skill. Risk from install mechanism is low.
Credentials
Only AISA_API_KEY is declared and used as the primary credential, which is appropriate for a relay-based API. The code may also use TWITTER_RELAY_BASE_URL and TWITTER_RELAY_TIMEOUT (with defaults) but these are optional. One implementation detail: some POST requests explicitly add the API key to JSON bodies (body.setdefault('aisa_api_key', ...)), which increases the places the key is transmitted and could broaden leakage if the relay or intermediate logging is compromised.
Persistence & Privilege
always:false and user-invocable:true — the skill is not force-included and can be invoked by the agent normally; it does not request elevated platform privileges.
What to consider before installing
This skill works by proxying all Twitter/X reads, OAuth flows, and media uploads through aisa.one. Before installing:
(1) confirm you trust aisa.one and its privacy/security practices, because all tweets, follower data, OAuth approvals, and any workspace files you upload will be sent to that service;
(2) understand AISA_API_KEY is the only declared credential but is sent in headers and sometimes in POST bodies—treat it like a secret and do not reuse it for other services;
(3) note the SKILL homepage (openclaw.ai) does not match the relay domain (aisa.one) — ask the publisher to clarify ownership and privacy policy;
(4) avoid uploading sensitive files or secrets via this skill unless you trust the relay;
(5) if you need stronger assurances, review the included Python scripts locally, run them in a sandbox, or prefer a skill that integrates directly with the official Twitter API under your own credentials.
Like a lobster shell, security has layers — review code before you run it.
latestvk976ap6bpddgjc1xkwpwfbm83h844tzg
Runtime requirements
🐦 Clawdis
Bins: curl, python3
Env: AISA_API_KEY
Primary env: AISA_API_KEY
