TweetClaw
Security checks across malware telemetry and agentic risk
Overview
TweetClaw is a disclosed guide for using an X/Twitter automation plugin, with strong approval and credential-safety rules despite sensitive capabilities.
Before installing, verify the @xquik/tweetclaw plugin package and only configure credentials you are comfortable granting. Approve posts, DMs, profile changes, paid extractions, draws, monitors, or webhooks only after checking the exact account, target, content, cost, scope, and how recurring activity can be stopped.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.