Back to skill
Skillv1.0.3
VirusTotal security
Clawbird · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 3:58 AM
- Hash
- 2aebccaa088056bbfb87857be544ed0a087a1043e3c95be8735c287606cc0820
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: clawbird Version: 1.0.3 The OpenClaw AgentSkills skill bundle for 'clawbird' is classified as benign. The `SKILL.md` file transparently details the skill's purpose (X/Twitter integration), required credentials, network endpoints (exclusively `api.x.com`), and local file access (only `clawbird-interactions.jsonl` for logging). It explicitly warns about write actions and recommends user confirmation for autonomous use. While the skill installs an external npm package (`@xonder/clawbird`), this is openly declared as a supply chain consideration, with links to source code and npm, and advice to review or pin versions. There is no evidence of prompt injection, data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or obfuscation within the provided files.
- External report
- View on VirusTotal