twitter-openclaw

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Categories: PROMPT_INJECTION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests untrusted data from Twitter/X.
      • Ingestion points: Data is fetched via the read, thread, search, and mentions commands in bin/twclaw.js.
      • Boundary markers: The skill instructions define no delimiters or other markers that separate untrusted content from system instructions.
      • Capability inventory: The agent can perform impactful actions such as tweet, reply, follow, and like via the twclaw tool.
      • Sanitization: Some input parameters, such as tweet IDs, are sanitized, but the text content of tweets is processed without filtering or sanitization.
  • [CREDENTIALS_UNSAFE]: The auth-check command in bin/twclaw.js prints the first 8 characters of the TWITTER_BEARER_TOKEN environment variable to the console, which could lead to partial credential exposure in logs.
  • [COMMAND_EXECUTION]: The skill relies on shell execution of the twclaw CLI tool to perform its functions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 03:38 AM