Skillv1.1.7

ClawScan security

TweetClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 23, 2026, 12:07 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and runtime instructions are consistent with an X/Twitter API wrapper (Xquik) and do not request unrelated system access or credentials.
Guidance: This skill appears to be a plain wrapper for the Xquik API and is internally consistent. Before installing: 1) Confirm you trust Xquik (https://xquik.com) and the plugin source; 2) Only store an apiKey with the minimum permissions needed (avoid keys that grant domain-wide or admin access); 3) Treat tempoSigningKey (if used) as a sensitive private key and only provide it if you understand the on‑chain payment flow; 4) Be aware the agent can perform actions (post, DM, follow) if invoked — review and restrict autonomous invocation if you want to prevent the agent from acting without confirmation; 5) Monitor billing/credits after enabling (top-ups and on‑chain payments can incur costs) and be ready to revoke the apiKey if you detect unexpected activity.

Review Dimensions

Purpose & Capability: okName/description advertise Twitter/X automation and the SKILL.md documents a large set of Xquik API endpoints (posting, searching, extracting, monitoring, giveaways). The declared primary credential (apiKey stored in plugin config) and alternate tempoSigningKey (for on‑chain MPP payments) are coherent with the described pay-per-use API and MPP features.
Instruction Scope: okSKILL.md's instructions and 'read_when' hooks are focused on X/Twitter operations (posts, reads, extraction, monitors, billing). There are no instructions to read unrelated local files, environment variables, or to exfiltrate data to unexpected endpoints beyond Xquik/docs links and payment endpoints.
Install Mechanism: okNo install spec or code files — instruction-only skill — so nothing is written to disk or downloaded at install time. This minimizes install-time risk.
Credentials: noteThe skill does not request environment variables; it declares a single plugin config entry (apiKey) and lists an alternate tempoSigningKey for on‑chain payments. Both credentials are reasonable for the service, but users should confirm the apiKey's scope/permissions and treat tempoSigningKey like any private key before providing it.
Persistence & Privilege: okalways is false and the skill is user-invocable; it does not request forced or system-wide persistence. The skill can be invoked autonomously by the agent (default behavior) — note this is platform normal and not flagged by itself.