Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

X Search (x402)

v1.0.0

AI-powered X/Twitter search for real-time trends, breaking news, sentiment analysis, and social media insights. Use when users want to search Twitter/X for topics, hashtags, viral content, or public opinion. Costs $0.05 USDC per request via x402 protocol on Base network.

License: MIT-0. Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims to perform paid X/Twitter searches via the x402 protocol, which reasonably requires a signing/payment key. However, the package/registry metadata declares no required env vars or primary credential while the SKILL.md and script explicitly require an X402 private key. That's an internal inconsistency: either the registry metadata is incomplete or the skill is asking for credentials that weren't disclosed.
! Instruction Scope
SKILL.md and scripts/search.sh instruct the agent (and user) to provide a private key via env var or by placing a plaintext JSON file in home/current/PWD. The script reads that file and exports X402_PRIVATE_KEY, then invokes an external tool. There are no instructions limiting how the key may be used; storing a private key in ~/.x402-config.json is insecure and the script grants the external npm tool full access to that key at runtime.
! Install Mechanism
There is no install spec in the skill registry, but the shipped script runs npx -y @itzannetos/x402-tools-claude x-search — which will fetch and execute code from the npm registry at runtime without a pinned version. That is a moderate-to-high risk vector: it executes third-party code fetched on demand and could run arbitrary network/file operations. The npm package author and package contents are not referenced in the skill metadata or SKILL.md for review.
! Credentials
Requesting an x402/private key is proportionate to a paid blockchain-backed search service, but the skill fails to declare this credential in its manifest (registry shows no required env vars/primary credential). The SKILL.md also recommends storing the private key in plaintext files, increasing risk. The skill does not declare or justify other sensitive environment access, but the undocumented credential requirement is the main issue.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide changes. It is user-invocable and can be invoked autonomously (platform default). It does read files in the user's home/current/PWD scopes but does not modify other skills or global config.
What to consider before installing
Do not run this script or call its npx command until you verify a few things: (1) The registry metadata should list the required credential (X402_PRIVATE_KEY) — its omission is an inconsistency. (2) Inspect the npm package @itzannetos/x402-tools-claude (or avoid npx) — npx -y will download and execute code that could exfiltrate your key. Prefer a pinned package version, or vendor the reviewed code into the skill instead of using npx. (3) Avoid storing private keys in plaintext files in your home directory; use environment variables or a secure signer/wallet. (4) If you must test, do so in an isolated environment (throwaway wallet with minimal funds/USDC) and review network calls made by the npm package. If you cannot validate the npm package author and contents, treat this skill as risky.

