ClawHub

grok-search

v0.2.1

Search the web or X/Twitter using xAI Grok server-side tools (web_search, x_search) via the xAI Responses API. Use when you need tweets/threads/users from X, want Grok as an alternative to Brave, or you need structured JSON + citations.

7· 4.8k·18 current·20 all-time
by@notabhay
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Grok/xAI web and X/Twitter search) align with the code and declared requirements: the scripts call xAI Responses API endpoints and require node + XAI_API_KEY as expected.
Instruction Scope
Runtime instructions and scripts are focused on searching and chat via xAI and do not attempt to contact unexpected remote endpoints. They do read local files you supply (image paths) and explicitly read ~/.clawdbot/clawdbot.json as a lookup for the API key (the SKILL.md documents this lookup). The selftest script runs multiple real API calls (live queries) which can incur API usage; that behavior is visible in the scripts but may be surprising to users who run the selftest without realizing it.
Install Mechanism
No install spec; this is instruction+script-based and requires node on PATH. No remote installers or downloads are used.
Credentials
Only XAI_API_KEY is declared and used as the primary credential, which fits the skill's purpose. The scripts also attempt to read fallback API keys from ~/.clawdbot/clawdbot.json (including skills.entries[...].apiKey). That lookup is intended as convenience but means the skill will read a local config file that may contain other stored keys; the script only extracts the XAI key fields, but users should be aware of this local file access.
Persistence & Privilege
always is false and the skill does not request permanent platform presence or modify other skills. It runs as invoked and does not attempt to change agent/system-wide settings.
Assessment
This skill appears to do what it says: call xAI (Grok) search tools and return structured JSON. Before installing/using: - Provide an XAI_API_KEY via environment variable if you prefer to avoid the skill reading ~/.clawdbot/clawdbot.json. The scripts will try that config file as a fallback and will look for apiKey entries for other skills there. - Be aware the included selftest runs multiple live API calls (chat, searches, model listing). Running it will use your XAI API key and may consume quota or incur cost; only run it intentionally. - The scripts accept image file paths and will base64-embed those images in requests — don't pass sensitive images unless you want them uploaded to x.ai. - If you store secrets in ~/.clawdbot/clawdbot.json, inspect that file or move/limit sensitive entries before using this skill. The code is readable (no obfuscated network calls) — you can review the scripts locally to confirm behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk978nxqfj0bv3dnq1hffbq86297zzfmm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔎 Clawdis
Binsnode
EnvXAI_API_KEY
Primary envXAI_API_KEY

Comments