Skill v1.1.4
ClawScan security
readx · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 23, 2026, 4:48 AM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requirements and runtime instructions are internally consistent with a Twitter/X analysis tool, but it depends on an external service (readx.cc) and includes practices (embedding API keys in URLs/config) that carry privacy/leakage risk you should consider before installing.
- Guidance: This skill appears to do what it says: it calls a remote readx.cc service and needs an API key. Before installing, verify you trust readx.cc (it's the only network endpoint used). Prefer storing the API key in a secure place (environment variable or credential store) rather than embedding it into URLs or plaintext files. If asked, decline having the agent itself write credentials to your config unless you trust the skill and know exactly where and how the key will be stored. Avoid pasting the API key into public logs or chat. If you want stronger assurance, ask the vendor for documentation, a privacy policy, and whether the MCP URL can be configured without the API key in the query string (e.g., via a secure header or token store).
Review Dimensions
- Purpose & Capability (ok): Name/description match the declared requirement (READX_API_KEY) and the SKILL.md describes calling a remote readx.cc API or MCP server for Twitter/X analysis. No unrelated credentials, binaries, or system paths are requested.
- Instruction Scope (note): Instructions stay within analysis scope (resolve user→user_id, call timelines/search, derive metrics). They do instruct the agent to use curl and to read/write a readx credentials file and to add an MCP server URL that includes the API key query parameter; these are functional for the service but introduce credential-handling choices the user should review.
- Install Mechanism (ok): Instruction-only skill with no install spec or code files — minimal disk/write footprint from the skill itself. All runtime behavior is via remote API calls or existing MCP tooling.
- Credentials (note): Only READX_API_KEY is requested (declared as primaryEnv) which is proportionate to an API-based analysis tool. However, the doc recommends embedding the API key in an MCP URL (https://readx.cc/mcp?apikey=<API_KEY>) and persisting it to a plaintext credentials file by default — both raise credential-exposure risks.
- Persistence & Privilege (ok): always:false and no requests to modify other skills or system-wide agent settings. The skill does instruct adding an MCP server entry to editor config and optionally writing the API key to a local config file — expected for this functionality but requires user consent.
