Skill v1.0.1
ClawScan security
Felo X Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 13, 2026, 11:28 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill appears to implement an X/Twitter search client that calls openapi.felo.ai, but its registry metadata does not declare the FELO_API_KEY environment variable the runtime actually requires. This mismatch is a meaningful incoherence you should be aware of before installing.
- Guidance: This skill's code and documentation show it needs a FELO_API_KEY to call openapi.felo.ai, but the package metadata does not declare that required environment variable; that mismatch is the main red flag. Before installing: (1) verify the skill's source (homepage/source fields point to a trusted repo or vendor), (2) confirm that the platform will prompt you to provide FELO_API_KEY (and won't accept an empty value), (3) treat the FELO_API_KEY as a sensitive credential and only give a key with the minimum scope possible, and (4) if you need stronger assurance, ask the publisher to update metadata to explicitly declare FELO_API_KEY and FELO_API_BASE so the skill's required permissions are visible during review. If you do not trust the source or cannot confirm the declared requirements, do not install.
Review Dimensions
- Purpose & Capability (concern): The name, README, SKILL.md, and bundled script all consistently implement a Felo X (Twitter) search client that calls https://openapi.felo.ai endpoints. However, the registry metadata lists no required environment variables or primary credential while both SKILL.md and the included script clearly require FELO_API_KEY (and optionally FELO_API_BASE). The missing declared credential in metadata is an inconsistency.
- Instruction Scope (ok): SKILL.md instructions limit actions to calling Felo Open API endpoints (POST to /v2/x/...), checking FELO_API_KEY, formatting results, and returning Markdown/JSON. The instructions do not ask the agent to read unrelated files, system credentials, or transmit data to unexpected endpoints beyond the documented API base.
- Install Mechanism (ok): There is no install spec (instruction-only skill) and the only code is a local Node script. No external download/install from third-party URLs is present in the package. This is low-risk from an install mechanism perspective.
- Credentials (concern): Runtime behavior requires FELO_API_KEY (and optionally FELO_API_BASE) per SKILL.md and the script, but the skill's declared requirements list no environment variables or primary credential. That omission is disproportionate because users/platforms won't be prompted to supply or review the needed API key in metadata, and the missing declaration prevents simple auditing/permission checks.
- Persistence & Privilege (ok): The skill does not request permanent/always-on presence (always: false) and contains no code that alters other skills or system-wide configuration. Autonomous invocation (disable-model-invocation: false) is normal for skills and not flagged on its own.
