Hermes Tweet
Pass
Audited by VirusTotal on May 7, 2026.
Overview
Type: OpenClaw Skill
Name: hermes-tweet
Version: 1.0.2
The skill bundle provides a standard interface for interacting with the Xquik API for Twitter/X automation. It includes explicit safety guidelines in SKILL.md that instruct the agent never to reveal API keys, avoid sensitive account management endpoints, and require user approval for write actions. No evidence of data exfiltration, malicious execution, or prompt injection was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved, the agent could post, delete, follow, send DMs, or otherwise change X account state.
The skill exposes a broad action path for X account operations, including writes and private reads. The same instructions require a user request and action gating, so this is disclosed and purpose-aligned.
Use `tweet_action` only after the user requests a write, private read, monitor, webhook, extraction job, giveaway draw, or media operation that requires action permissions.
Review the exact endpoint and payload before approving any `tweet_action`, especially for posts, DMs, deletes, follows, or profile changes.
A configured API key may allow the Hermes/Xquik toolset to act on the connected X account according to the enabled permissions.
The skill needs an Xquik API key to access X functionality. It handles this in a safer way by telling the agent not to request the secret in chat, but users should still recognize this as delegated account authority.
IF `XQUIK_API_KEY` is missing, THEN ask the user to set it in the Hermes runtime environment without requesting the key value in chat.
Use the least-privileged Xquik key available, avoid sharing the key in chat, and enable action permissions only when needed.
The security of actual X account actions depends on the Hermes plugin/tool implementation, not just this instruction file.
The reviewed artifact is only an instruction file, while the actual Hermes plugin/tool implementation is not included in the provided files. The command is user-directed, but users should verify the plugin source separately.
After installing or upgrading the plugin in Hermes Agent: 1. Run `hermes plugins enable hermes-tweet`.
Install or enable the Hermes plugin only from a trusted source, and confirm the plugin version and permissions before using account actions.
A monitor, webhook, or extraction job could continue operating after the immediate chat request if the underlying service creates persistent jobs.
Monitors, webhooks, and extraction jobs can be ongoing or persistent operations. The skill requires summarization before action, but the artifact does not spell out duration or cleanup requirements.
For posting, deleting, following, DMs, profile changes, monitors, webhooks, extraction jobs, and draws, summarize the action before calling `tweet_action`.
Before approving monitors, webhooks, or extraction jobs, specify the duration, destination, stop condition, and how to disable or delete the job.
