X Twitter Scraper

Security checks across malware telemetry and agentic risk

Overview

This is a clearly disclosed Xquik/X integration skill with high-impact social-media capabilities, but its artifacts consistently require user approval for writes, private reads, bulk jobs, and persistent monitoring.

Install only if you trust Xquik with the X data and connected-account actions you authorize. Use a scoped, revocable API key, review every confirmation prompt carefully before writes, DMs, private reads, exports, monitors, or webhooks, and avoid using bulk exports for harassment, surveillance, or unauthorized profiling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The documentation exposes a broad set of externally visible and destructive write operations (tweeting, deleting tweets, follows, profile edits, DMs, community actions) but does not place a strong, section-wide confirmation requirement in front of them. In an agent setting, this increases the chance of unintended real-world actions if the model treats these endpoints as routine tool calls rather than explicitly user-authorized operations.

Missing User Warnings

Medium
Confidence: 91%
Finding
This documentation promotes bulk extraction of followers, likers, community members, list members, and export of up to large result sets in multiple formats, but provides no privacy, consent, acceptable-use, or anti-abuse guidance. In the context of a social-media scraping skill, that omission materially increases the risk of the tool being used for mass profiling, targeting, or unauthorized data aggregation, especially because the skill explicitly supports follower extraction, likes, DMs-related capabilities in metadata, and easy export workflows.

VirusTotal

65/65 vendors flagged this skill as clean.
