Felo X Search

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed X/Twitter search skill that uses Felo's external API, with privacy caveats but no evidence of hidden or destructive behavior.

Install only if you are comfortable sending X/Twitter search terms, usernames, tweet IDs, and related parameters to Felo's external API. Avoid using it for secrets, regulated data, or sensitive investigations unless your organization permits that third-party transmission, and prefer explicit X/Twitter search requests rather than relying on generic trigger words.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 90%
Finding:
The trigger list includes broad natural-language phrases such as "twitter," "tweet," "tweets from," and "replies to," which can cause the skill to activate in situations where the user did not explicitly intend to invoke this specific integration. In an agent setting, overbroad activation can route user requests and potentially sensitive query content to an external API unnecessarily, increasing privacy and data-handling risk even though the README itself is otherwise normal.

Missing User Warnings

Medium
Confidence: 92%
Finding:
The skill clearly instructs users to send search queries, usernames, and tweet IDs to the external Felo API, but it does not prominently warn that user-supplied data will leave the local agent environment. This is a real privacy/transparency issue because users may provide sensitive identifiers or investigative queries without realizing they are being transmitted to a third-party service.

External Transmission

Medium
Category: Data Exfiltration
Content:

| `-j, --json` | Output raw JSON |
| `-t, --timeout <seconds>` | Timeout in seconds (default: 30) |

### Option B: Call API with curl

```bash
# Search tweets
```

Confidence: 87%
Finding:

```bash
# Search tweets
curl -X POST "https://openapi.felo.ai/v2/x/tweet/search" \
  -H "Authorization: Bearer $FELO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"query": "AI news",
```

VirusTotal

53/53 vendors flagged this skill as clean.
