OpenClaw: suspicious
VirusTotal: benign
StaticScan: suspicious
OpenClaw: suspicious
The skill implements posting to X/Twitter and requests the expected OAuth keys, but there are inconsistencies (Node runtime not declared, no install instructions) and it includes automation/heartbeat ... [内容已截断]
VirusTotal: benign VT 报告
静态扫描: suspicious
Detected: suspicious.env_credential_access
README 未提供
无文件信息
{
"latestVersion": {
"_creationTime": 1773787191050,
"_id": "k974bhj32yjv4aswybvawz7pdd833zx1",
"changelog": "Fix YAML description to use trigger-phrase format (Use when\/NOT for). Add Gotchas: free tier limits, credential rotation, trailing newline auth failures, per-endpoint rate limits, permissions order.",
"changelogSource": "user",
"createdAt": 1773787191050,
"parsed": {
"clawdis": {
"requires": {
"env": [
"X_API_KEY",
"X_API_SECRET",
"X_ACCESS_TOKEN",
"X_ACCESS_TOKEN_SECRET"
]
}
}
},
"version": "1.1.0"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "Neal Meyer",
"handle": "ngmeyer",
"image": "https:\/\/avatars.githubusercontent.com\/u\/3868701?v=4",
"kind": "user",
"linkedUserId": "kn72vgxs38j4b6mn2nfwy6w2jd80c3yp"
},
"ownerHandle": "ngmeyer",
"skill": {
"_creationTime": 1770863976613,
"_id": "kd77ned8mw5ppsxr2q0588acrx811fcb",
"badges": [],
"createdAt": 1770863976613,
"displayName": "X OAuth API",
"latestVersionId": "k974bhj32yjv4aswybvawz7pdd833zx1",
"ownerUserId": "kn72vgxs38j4b6mn2nfwy6w2jd80c3yp",
"slug": "x-oauth-api",
"stats": {
"comments": 0,
"downloads": 1040,
"installsAllTime": 2,
"installsCurrent": 2,
"stars": 2,
"versions": 2
},
"summary": "Post to X (Twitter) using the official OAuth 1.0a API. Use when asked to \"post to X\", \"tweet this\", \"post on Twitter\", create threads, delete tweets, or chec...",
"tags": {
"latest": "k974bhj32yjv4aswybvawz7pdd833zx1"
},
"updatedAt": 1774324250985
}
}