xclaw
PassAudited by ClawScan on May 10, 2026.
Overview
This instruction-only skill is a coherent X/Twitter scraper, but users should realize it can collect logged-in timeline content and save it locally.
Before installing or invoking it, confirm you want the agent to scrape the selected X page, including any logged-in home timeline content, and to save reports and media under intel/x. Avoid using it on private or sensitive feeds unless you are comfortable storing that data locally.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may read and collect whatever posts are visible on the selected X page.
The skill directs the agent to control a browser and run page-evaluation JavaScript to extract X posts. This is expected for a scraper, but it is still tool authority the user should invoke deliberately.
browser.navigate({ url: "https://x.com/home" }) ... browser.act({ fn: "() => { ... document.querySelectorAll('article[data-testid=\"tweet\"]') ... }", kind: "evaluate" })Use it only for pages you intend to scrape, and specify the target page and collection limits clearly.
It could capture personalized or account-visible timeline content, not only public profile posts.
The X home timeline is typically tied to the currently logged-in account. The skill does not request credentials or show credential handling, but it may operate in an authenticated browser context.
Extract posts from home timeline ... browser.navigate({ url: "https://x.com/home" })Run it only in the X account context you intend to use, and avoid collecting private or sensitive timeline content unless that is your goal.
Scraped X content and media may remain on disk after the task and could be reused or viewed later.
The skill stores scraped post text, metrics, URLs, and downloaded media as persistent local files.
intel/x/ ├── {date}-{time}-X.md ... └── media/ ... image_{postId}_{index}.jpgReview the generated intel/x files and delete them if they contain sensitive or unwanted content.
There is less external information available to verify the author or maintenance history.
The skill has limited provenance information, though there are no code files or install steps in the provided artifacts.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Treat it as a lightweight instruction skill and review the instructions before use, especially if future versions add code or install steps.