ClawHub

Xhunt Hot Tweets

v0.1.0

从 XHunt 抓取 X/Twitter 热门推文榜单并输出中文摘要与互动数据。用户提到“最火推文/热门帖子/Top20/4小时最火/只要AI/AI最火/给我链接+摘要”等请求时使用。支持 group=global|cn、hours=1|4|24、tag=ai|crypto|全部,并可切换过滤模式(全部/仅AI产...

0· 329·1 current·1 all-time
by@dotheworknow·duplicate of @dotheworknow/xhunt-hot-tweets
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the behavior in SKILL.md: it scrapes https://trends.xhunt.ai and returns links, one-line Chinese summaries, and engagement stats. No unrelated env vars, binaries, or installers are requested.
Instruction Scope
Instructions are focused on fetching the target URL (browser snapshot preferred, fallback to web_fetch), extracting ranking fields, applying simple filtering modes, and producing a strict output format. The skill does not instruct the agent to read arbitrary files, access other services, or exfiltrate secrets.
Install Mechanism
No install spec and no code files — instruction-only skill. Lowest install risk (nothing written to disk by the skill itself).
Credentials
No environment variables, credentials, or config paths required. Network access to trends.xhunt.ai is reasonable and proportional to the stated function.
Persistence & Privilege
Defaults: not always-included and model invocation allowed (normal). The skill does not request persistent system-wide changes or elevated privileges.
Assessment
This skill appears coherent and lightweight: it only needs network access to https://trends.xhunt.ai and prefers a browser-snapshot tool for extraction. Before installing, confirm that your agent runtime has the necessary web-scraping/browser snapshot capability and that you trust the upstream site (results come from that domain). Be aware that mode=all will include political/controversial posts if present; the skill will return whatever is on XHunt and will not invent data but may return NA for missing fields. Because it is instruction-only and requests no secrets or installs, direct credential exfiltration is unlikely — still review runtime permissions for network access and autonomous invocation if you want to limit automatic scraping frequency.

Like a lobster shell, security has layers — review code before you run it.

latestvk976exjhr1ba1xvynb5b39x2jx81xd6g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments