← Back to Skills Marketplace

Wip X

Name: Wip X
Author: parkertoddbrooks

by Parker Todd Brooks · GitHub ↗ · v1.0.1

cross-platform ⚠ suspicious

573

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install wip-x

Description

X Platform API. Read posts, search tweets, post, upload media.

Usage Guidance

This package appears to be a legitimate X/Twitter API wrapper, but review these before installing: 1) Expect to provide X credentials (bearer or full OAuth); the registry metadata omitted them — don't assume no secrets are needed. 2) The code will try to read secrets from 1Password via the 'op' CLI (executes 'op read'); confirm you want the op CLI to be used and verify the vault/item names (README vs auth.mjs disagree). 3) Only grant write-scoped OAuth tokens if you trust the code — write tokens can post or delete tweets. 4) Note the MCP server exposes tools that can be called programmatically; limit which agents or environments can run it. 5) Do a quick code review (auth.mjs, core.mjs, mcp-server.mjs) and run npm install/test in a sandboxed environment; verify dependencies and add missing ones (modelcontextprotocol sdk) before production use. If you want to proceed, prefer providing credentials via environment variables scoped to a dedicated app with minimal permissions, or run the tool in an isolated container.

Capability Analysis

Type: OpenClaw Skill Name: wip-x Version: 1.0.1 The skill is suspicious due to a Local File Inclusion (LFI) vulnerability in the `upload_media` function, exposed via both `cli.mjs` and `mcp-server.mjs`. The `core.mjs` implementation uses `readFileSync(file_path)` directly with user-controlled input, allowing an attacker or a compromised agent to read arbitrary files on the system. The content of these files is then base64 encoded and sent to the X Platform API, creating a data exfiltration vector. While the `execSync` call in `auth.mjs` for 1Password integration uses a risky function, it appears to be used in a controlled manner for a legitimate purpose and is not the primary concern. The prompt injection in `README.md` is benign and aims to guide the agent's explanation of the tool.

Capability Assessment

ℹ Purpose & Capability

Name, README, SKILL.md and code all implement an X Platform (Twitter) client with read/write functionality; the required OAuth/bearer credentials are appropriate for that purpose. However the registry metadata claims no required env vars/credentials while SKILL.md and the code clearly expect multiple X-related credentials — an inconsistency that could mislead users about what secrets will be needed.

⚠ Instruction Scope

Runtime instructions and code access credentials via environment variables and via the 1Password CLI (op read) using child_process.execSync. That behavior is consistent with the README/README troubleshooting text, but the code's default 1Password item name differs from README/SKILL.md, and the code will execute a system command to read secrets if op is available. The skill also exposes an MCP server that will accept tool calls (read/write) — make sure you understand which agent contexts can invoke those tools.

ℹ Install Mechanism

There is no install spec (instruction-only in registry) which reduces install risk, but the package includes Node code and an npm dependency (@xdevplatform/xdk) referenced in package.json and package-lock (resolved from npm). No downloads from arbitrary URLs were observed. One mismatch: mcp-server imports @modelcontextprotocol/sdk but that dependency is not listed in package.json, which is an implementation/packaging inconsistency (may cause runtime failures).

⚠ Credentials

The code and SKILL.md require sensitive credentials (X_BEARER_TOKEN and the four OAuth 1.0a tokens) and optionally 1Password vault access (OP_VAULT / OP_ITEM). Those tokens are proportional for a read+write X client, but the registry metadata omitted them and the README/SKILL.md and auth.mjs disagree on the default 1Password item name (README says item "X Platform API"; auth.mjs defaults OP_ITEM to 'X API Key - wip-01'). This mismatch could cause unexpected credential prompts or failures and increases the chance of accidental secret exposure.

✓ Persistence & Privilege

always:false and no claimed system-wide modifications. The skill can be invoked autonomously (default platform behavior), which combined with access to OAuth credentials increases blast radius — expected for a networked API client but worth noting. The skill itself does not request permanent system-level privileges.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install wip-x
After installation, invoke the skill by name or use /wip-x
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.1

Release.

Metadata

Slug wip-x

Version 1.0.1

License —

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Wip X?

X Platform API. Read posts, search tweets, post, upload media. It is an AI Agent Skill for Claude Code / OpenClaw, with 573 downloads so far.

How do I install Wip X?

Run "/install wip-x" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Wip X free?

Yes, Wip X is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Wip X support?

Wip X is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Wip X?

It is built and maintained by Parker Todd Brooks (@parkertoddbrooks); the current version is v1.0.1.

More Skills