Oathe Security Badge

Is 0xArtex/x-research-skill safe?

https://clawhub.ai/0xArtex/x-research-skill

88
SAFE

This skill appears to be a legitimate Twitter/X research tool for cryptocurrency analysis. It contains clean documentation and a straightforward shell script that makes API calls to generate research reports about Solana-related discussions.

Category Scores

Prompt Injection 98/100 · 30%
Data Exfiltration 80/100 · 25%
Code Execution 75/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (3)

MEDIUM External API Connections -20

The skill makes HTTP requests to api.twitterapi.io to fetch Twitter/X data for research purposes. While legitimate, this involves sending queries to a third-party service.

LOW Shell Script Execution -25

Contains generate-report.sh that executes curl, jq, and file operations to create research reports. The script appears safe and performs expected functionality.

INFO API Key Storage Requirement 0

Requires storing Twitter API credentials in ~/.openclaw/secrets/twitterapi.env. This is standard practice for API-based tools but represents credential storage.