← Back to Skills Marketplace
X/Twitter Automation: 30+ APIs, OAuth Post, One Key
by
0xjordansg-yolo
· GitHub ↗
· v1.0.3
· MIT-0
3616
Downloads
4
Stars
12
Active Installs
3
Versions
Install in OpenClaw
/install openclaw-twitter
Description
Searches and reads X (Twitter): profiles, timelines, mentions, followers, tweet search, trends, lists, communities, and Spaces. Publishes posts after the use...
Usage Guidance
What to consider before installing:
- Trust model: this skill proxies all Twitter/X reads and writes through a third‑party relay (api.aisa.one). Installing it means your AISA_API_KEY will be used to query and to publish via that service — only install if you trust aisa.one and its security/privacy practices.
- Secret power: the single AISA_API_KEY is a high‑privilege credential. If leaked or misused it could allow reads and posts via the relay. Use a scoped or revocable key if possible and rotate it if you suspect compromise.
- Media handling / privacy: when posting, the skill will upload local workspace files (images/videos) to the relay backend. Treat that as data exfiltration to an external service — don’t use it with sensitive files unless you’re comfortable with that transfer.
- Undeclared env vars: the scripts honor TWITTER_RELAY_BASE_URL and TWITTER_RELAY_TIMEOUT (not listed in metadata). Review or set TWITTER_RELAY_BASE_URL if you want to change the target; otherwise the default points to api.aisa.one.
- Posting behavior: the instructions recommend trying to post immediately for user intents to publish. Confirm whether you want the agent to attempt posting automatically; consider restricting autonomous agent actions or requiring explicit confirmation before posting live content.
- Test safely: if you proceed, test with a disposable or non-production account first. Verify the OAuth flow and inspect what data is sent to the relay (especially media uploads).
If you can get more info from the publisher (proof-of-ownership of aisa.one endpoints, privacy policy, or ability to use your own relay URL), that would raise confidence. Without that, treat the skill as coherent but carrying meaningful privacy and trust risks.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-twitter
Version: 1.0.3
The skill bundle provides a legitimate integration for reading and posting to Twitter/X via the AIsa API (api.aisa.one). The Python scripts (twitter_client.py and twitter_oauth_client.py) implement standard API interactions, including OAuth authorization flows, media uploads using multipart/form-data, and complex tweet threading logic that respects Twitter's character weighting. The instructions in SKILL.md and references/post_twitter.md are well-structured, providing clear guidance to the agent on handling user requests while explicitly including security guardrails, such as instructing the agent never to ask for user passwords.
Capability Assessment
Purpose & Capability
Name/description align with the included code and SKILL.md: read/search endpoints and OAuth-based posting. Requiring curl and python3 and a single AISA_API_KEY is consistent with using a relay service. However, the skill does not call Twitter's official APIs directly; all traffic is proxied through https://api.aisa.one, which centralizes control over reads and writes under that external service.
Instruction Scope
The runtime instructions and Python scripts will upload local workspace files (images/videos) to the relay backend and then the relay uploads to X/Twitter. The SKILL.md also instructs agents to 'try post first' when the user intent is to publish, which could lead to automatic posting behavior if the agent interprets user intent permissively. The scripts read local workspace file paths and send file contents over network — appropriate for posting but a privacy/exfiltration vector that should be explicit to users.
Install Mechanism
This is an instruction-only skill with bundled Python scripts; there is no external install or download step. No third‑party binary downloads or archive extraction are specified, so installation risk is low from that angle.
Credentials
The declared required env var is only AISA_API_KEY (consistent with the relay model), which is proportionate to the intended functionality — but the code also reads other env vars (e.g., TWITTER_RELAY_BASE_URL, TWITTER_RELAY_TIMEOUT) that are not declared in metadata. More importantly, the single AISA_API_KEY is powerful: possession of it gives the holder the ability to read data and publish posts via the relay for any OAuth flows the relay supports. Users should treat that key as a high‑privilege secret and ensure they trust the relay operator (aisa.one).
Persistence & Privilege
always:false and default autonomous invocation are used. Autonomous invocation plus an API key that can publish is a meaningful combination (the agent could post on behalf of users if invoked), but autonomous invocation itself is the platform default — this is noted rather than flagged as an isolated problem.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-twitter - After installation, invoke the skill by name or use
/openclaw-twitter - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
- Separated posting workflow documentation into a new reference file: references/post_twitter.md.
- Added a new script for OAuth posting: scripts/twitter_oauth_client.py.
- SKILL.md clarified to direct all publishing/posting workflows to the new reference file.
- No changes to core read/search functionality; all API and Python read operations remain unchanged.
v1.0.1
**Major update: Adds OAuth-based posting, expands data coverage beyond tweets and users.**
- Now supports posting to Twitter/X using OAuth—no passwords or cookies needed; users authorize in the browser.
- Expanded read endpoints: includes profiles, mentions, followers, trends, lists, communities, Spaces, and context-rich tweet queries.
- Agent usage guidance updated for passwordless, proxyless posting using the AIsa OAuth relay.
- Documentation and endpoint references overhauled for improved clarity and API parity.
- Skill description revised to emphasize broader search/read capabilities and secure posting flow.
v1.0.0
Twitter Command Center (Search + Post) initial release!
- Enables real-time Twitter/X search, trend tracking, user lookup, and tweet extraction via API or Python client.
- Supports automated engagement: instant posting, liking, retweeting, profile editing, and replies (login required).
- Includes clear curl and Python example commands for all operations.
- Requires only an AISA_API_KEY for core read features; login needed for write actions.
- Pricing and usage details now provided for every request.
- Full endpoint list and quick-start instructions included in the documentation.
Metadata
Frequently Asked Questions
What is X/Twitter Automation: 30+ APIs, OAuth Post, One Key?
Searches and reads X (Twitter): profiles, timelines, mentions, followers, tweet search, trends, lists, communities, and Spaces. Publishes posts after the use... It is an AI Agent Skill for Claude Code / OpenClaw, with 3616 downloads so far.
How do I install X/Twitter Automation: 30+ APIs, OAuth Post, One Key?
Run "/install openclaw-twitter" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is X/Twitter Automation: 30+ APIs, OAuth Post, One Key free?
Yes, X/Twitter Automation: 30+ APIs, OAuth Post, One Key is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does X/Twitter Automation: 30+ APIs, OAuth Post, One Key support?
X/Twitter Automation: 30+ APIs, OAuth Post, One Key is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created X/Twitter Automation: 30+ APIs, OAuth Post, One Key?
It is built and maintained by 0xjordansg-yolo (@0xjordansg-yolo); the current version is v1.0.3.
More Skills