Back to skill
Skillv1.0.0
VirusTotal security
FakeX-Till-YouAI · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 7, 2026, 10:26 AM
- Hash
- 7ff90c9c25192a53a593f0fcca0f434986c05d0a62a84b87db4350f4cbe9a2ba
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: fakex-till-youai Version: 1.0.0 The skill requests and stores sensitive X (Twitter) API credentials (key, secret, and tokens) in a local configuration file (~/.x-post-orchestrator/config.json) and references external execution scripts (tools/x_post_via_api.js and tools/x_schedule_posts.js) that are not included in the provided files. While these capabilities are plausibly needed for the stated purpose of automated posting, the handling of high-value secrets and the reliance on unverified external logic represent a significant security risk.
- External report
- View on VirusTotal