Real-time X/Twitter search powered by Grok-4. Find tweets, trends, and discussions with citations. Grok-4.20 also returns image results alongside tweet citat...
Security Analysis
high confidence
The skill's code, instructions, and required credential (XAI_API_KEY) align with its stated purpose of performing real-time X/Twitter searches via xAI's Responses API; nothing requested or installed is disproportionate or unrelated.
Name/description claim real-time X search via Grok/xAI and the package only asks for an xAI API key and optionally reads a local clawdbot config for the same key. The code calls api.x.ai/v1/responses with an x_search tool payload — consistent with the stated purpose.
SKILL.md instructs running the bundled Node script and setting XAI_API_KEY (or the clawdbot config) which the script uses. A static scan flagged a 'system-prompt-override' pattern; this skill intentionally constructs a system prompt (payload.input) for the x_search tool when calling the Responses API, which explains the finding. There is no instruction to read unrelated files or to transmit data to endpoints other than api.x.ai.
No install spec; the skill is instruction-only plus a small local JS script. There are no downloads from untrusted URLs, no extract operations, and no package installs performed by the skill at runtime.
Only XAI_API_KEY is required (declared as primary). The script also respects optional SEARCH_X_MODEL and SEARCH_X_DAYS. It will attempt to read ~/.clawdbot/clawdbot.json to find a stored apiKey as a convenience fallback — this is consistent with its purpose but means it will read that config file if present.
The skill does not request permanent inclusion (always=false), does not modify other skills or system-wide settings, and does not write persistent data. It only reads a local config file if present.
Guidance
This skill appears to do what it claims: it uses your xAI API key to query api.x.ai for X/Twitter results. Before installing:
1) Only provide an XAI_API_KEY you trust and that has appropriate permissions.
2) If you have a ~/.clawdbot/clawdbot.json file, the script will read it to try to find an API key — remove sensitive keys if you don't want them reused.
3) Review the script (scripts/search.js) yourself if you have concerns; it only makes HTTPS requests to api.x.ai and prints results.
4) If you plan to run this in a sensitive environment, consider running it in an isolated container or environment to limit exposure of any local config files.
Latest Release
v1.2.1
Fix display name (remove Clawdbot prefix)
Published by @mvanhorn on ClawHub