Interact with Twitter/X — read tweets, search, post, like, retweet, and manage your timeline.
Security Analysis
Medium confidence: The skill's behavior mostly matches a Twitter/X CLI wrapper, but there are a few mismatches and installation risks (npm package install vs included code) plus a flagged 'unicode-control-chars' pattern that warrant caution before installing.
Name/description match the runtime instructions and the included CLI implementation: reading, searching, posting and engagement actions are implemented (mocked). Requested credential (TWITTER_BEARER_TOKEN) is consistent with a Twitter API integration.
SKILL.md only instructs running the twclaw CLI and describes expected flags and behavior. It does not ask the agent to read unrelated system files or exfiltrate data. It does mention optional TWITTER_API_KEY/TWITTER_API_SECRET for write operations (which are optional, not required).
Install spec says to install the node package named 'twclaw' via npm. The skill also includes package.json and a local bin/twclaw.js implementation. It's unclear whether the platform will use the included code or run 'npm install twclaw' (which would fetch a package from the public registry). Installing from npm introduces moderate risk if the registry package name is unvetted or differs from the provided source.
Only TWITTER_BEARER_TOKEN is required (declared as primary), which is proportional. The SKILL.md references optional TWITTER_API_KEY and TWITTER_API_SECRET for write ops — acceptable as optional. Minor privacy note: auth-check prints the first 8 characters of the bearer token to stdout, which could leak a token fragment in logs.
The 'always' flag is false and the skill does not request any persistent system-wide privileges or config paths. Autonomous invocation is allowed (platform default) but not combined with other high-risk factors.
Guidance
This skill appears to implement a mock/local CLI for Twitter/X and only needs a Twitter bearer token — which is reasonable. However:
(1) Confirm how the install will be performed: if the platform runs 'npm install twclaw', that will fetch a package from the public npm registry (risk if package name is untrusted); prefer using the included code or verify the exact registry package contents before installing.
(2) Inspect the raw SKILL.md for the reported unicode control characters (use a hex or visible-control-char view: e.g., cat -v, hexdump -C, or an editor that displays hidden characters) to ensure there is no hidden instruction or obfuscation.
(3) Review the included bin/twclaw.js fully (it's mostly mock data) and confirm no network calls or unexpected behavior exist; note auth-check prints the first 8 chars of your bearer token to stdout — consider that log exposure when deciding where to use this token.
(4) If you proceed, prefer installing from the provided files or verify the npm package's integrity (checksum/registry owner) and rotate the bearer token after testing if you installed from an untrusted source.
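Step (2) above asks you to look at the raw SKILL.md for hidden control or format characters. The following is an added example (not part of this ClawHub analysis or the twclaw skill) of a small scanner that reports every control, format, private-use or unassigned code point with its line, column and Unicode name, and renders a line the way cat -v would, with hidden characters made visible. The SKILL.md excerpt it scans is a constructed sample containing zero-width spaces and a bidi override; the function and variable names are the example's own.

```python
import unicodedata

# Constructed sample standing in for a SKILL.md excerpt; it deliberately
# contains zero-width spaces (U+200B) and a right-to-left override (U+202E).
SAMPLE_SKILL_MD = (
    "Run the twclaw CLI with the flags below.\n"
    "Use \u200bhidden\u200b zero-width spaces here.\n"
    "\u202ereversed text via bidi override\n"
    "Normal line with an em dash \u2014 and accented é.\n"
)

# Unicode general categories that should never appear in a text-only
# instruction file: control (Cc), format (Cf, covers zero-width and bidi
# characters), private use (Co), unassigned (Cn), line/paragraph separators.
SUSPICIOUS_CATEGORIES = {"Cc", "Cf", "Co", "Cn", "Zl", "Zp"}

# Ordinary whitespace controls that legitimately occur in a text file.
ALLOWED_CONTROLS = {"\n", "\r", "\t"}


def find_hidden_chars(text):
    """Return a list of (line_no, col, 'U+XXXX', unicode_name) tuples for
    every suspicious code point in text. Lines are split on '\\n' only, so
    exotic separators are reported instead of silently acting as breaks."""
    findings = []
    for line_no, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            if ch in ALLOWED_CONTROLS:
                continue
            if unicodedata.category(ch) in SUSPICIOUS_CATEGORIES:
                name = unicodedata.name(ch, "<unnamed>")
                findings.append((line_no, col, f"U+{ord(ch):04X}", name))
    return findings


def render_visible(line):
    """Return line with each suspicious character replaced by <U+XXXX>,
    similar in spirit to the visible-control view of cat -v."""
    out = []
    for ch in line:
        if ch not in ALLOWED_CONTROLS and \
                unicodedata.category(ch) in SUSPICIOUS_CATEGORIES:
            out.append(f"<U+{ord(ch):04X}>")
        else:
            out.append(ch)
    return "".join(out)


def scan_file(path):
    """Read a file as UTF-8 (undecodable bytes are surfaced as U+FFFD,
    which is category So and thus reported separately below) and return
    its findings."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        text = fh.read()
    findings = find_hidden_chars(text)
    # U+FFFD REPLACEMENT CHARACTER indicates bytes that were not valid UTF-8;
    # flag it too, since it often marks binary or mis-encoded content.
    for line_no, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            if ch == "\ufffd":
                findings.append((line_no, col, "U+FFFD", "REPLACEMENT CHARACTER"))
    return sorted(findings)


if __name__ == "__main__":
    for line_no, col, cp, name in find_hidden_chars(SAMPLE_SKILL_MD):
        print(f"line {line_no} col {col}: {cp} {name}")
    for line in SAMPLE_SKILL_MD.split("\n"):
        print(render_visible(line))
```

Run it against the real file with scan_file("SKILL.md"); an empty result means no control, format, separator or replacement characters were found, while any hit deserves a look in a hex editor before the skill is installed or the CLI is run.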
Latest Release
v2.3.1
- Rebranded skill as "twitter-openclaw" with updated description and emoji
- Expanded documentation with detailed authentication instructions and command examples for all major Twitter/X actions (read, post, search, engage, manage lists)
- Clarified output formatting options and result customization flags
- Added operational guidelines (confirmation before write actions, output formatting, rate limiting)
- Improved troubleshooting section for common errors (authorization, rate limiting)
Published by @annettemekuro30 on ClawHub