← Back to Skills Marketplace
Wip Grok
by
Parker Todd Brooks
· GitHub ↗
· v1.0.2
609
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install wip-grok
Description
xAI Grok API. Search the web, search X, generate images, generate video.
Usage Guidance
Before installing, be aware of these points:
- The skill requires an xAI API key (XAI_API_KEY) even though the registry metadata claims none; SKILL.md and core.mjs will fail without it.
- core.mjs will try to read the key from 1Password using the 'op' CLI (execSync). That means the skill runs a shell command; ensure you trust the code and have the op CLI configured if you want that behavior.
- The edit_image and image-to-video flows accept local file paths and will read and base64-encode files (readFileSync) and send them to the external x.ai service. Do not pass paths to sensitive local files (password stores, private keys, configuration files) — supplying such paths would leak their contents to the external API.
- package.json does not list the MCP SDK dependencies that mcp-server.mjs imports; this is an operational inconsistency (you may need to install those packages or run the MCP server in an environment that already provides them).
- If you plan to allow autonomous agent invocation, be cautious: an autonomous agent could be tricked into passing local file paths or otherwise invoking edit_image/video with data that results in sensitive data being uploaded.
Recommendations:
- Only install/run this skill from a trusted source and review the code (core.mjs, mcp-server.mjs) yourself.
- If you don't want 1Password CLI access, set XAI_API_KEY explicitly in the environment and/or remove/modify the op read fallback.
- Restrict agent inputs so it cannot supply arbitrary local file paths to edit_image or generate_video image seeds.
- Consider running the MCP server in a sandboxed environment or container to limit filesystem access if you need the MCP interface.
Capability Analysis
Type: OpenClaw Skill
Name: wip-grok
Version: 1.0.2
The skill is classified as suspicious due to critical vulnerabilities that could be exploited for data exfiltration and arbitrary file writes. The `core.mjs` file's `edit_image` function uses `readFileSync` on the `image` parameter if it's not an HTTP or data URI, allowing an attacker to read arbitrary local files (e.g., `/etc/passwd`, `~/.ssh/id_rsa`) and send their base64-encoded content to the xAI API. Additionally, the `cli.mjs` file's `--output` flag for media generation uses `writeFileSync` without path sanitization, enabling arbitrary file writes. These are severe vulnerabilities, but there is no clear evidence of intentional malicious behavior by the skill itself.
Capability Assessment
Purpose & Capability
The name/description match the code: web/X search plus image/video generation via xAI Grok. However the registry metadata declared no required env vars or primary credential while the SKILL.md and core.mjs clearly expect an XAI_API_KEY (and a fallback read from 1Password). That mismatch between declared requirements and actual code is an inconsistency.
Instruction Scope
SKILL.md and the code instruct the agent to use an API key (env or 1Password) and to accept local file paths for edit_image and image-to-video flows. core.mjs will read local files (readFileSync) and base64-encode them, then POST those bytes to the external x.ai API. That behavior is expected for an image-editing tool but is a potential data-exfiltration vector if an agent (or user input) supplies paths to sensitive files. core.mjs also runs execSync('op read ...') to access 1Password; using child_process execution increases the risk surface compared with purely network-only code.
Install Mechanism
There is no install spec (instruction-only), which is lower-risk. All code is included in the repo and no downloads/install-time extracts occur. One operational oddity: mcp-server.mjs imports '@modelcontextprotocol/sdk/...' but package.json declares no dependencies, so runtime will fail unless the environment already has these packages — this is an operational inconsistency rather than a direct security exploit.
Credentials
The skill legitimately needs an xAI API key, which is proportional to its stated purpose. But registry metadata claimed no required env vars while SKILL.md/openclaw.install expect XAI_API_KEY and core.mjs will attempt to read 1Password (op CLI). The use of 1Password via execSync is reasonable as convenience, but it requires the op CLI to be available and grants the skill the ability to run a shell command to read secrets. That combination should be noted before granting runtime access.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide agent settings, and contains no install-time persistence. It runs as a normal user-space module and only uses its own code and (optional) local files when invoked.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install wip-grok - After installation, invoke the skill by name or use
/wip-grok - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
Release.
Metadata
Frequently Asked Questions
What is Wip Grok?
xAI Grok API. Search the web, search X, generate images, generate video. It is an AI Agent Skill for Claude Code / OpenClaw, with 609 downloads so far.
How do I install Wip Grok?
Run "/install wip-grok" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Wip Grok free?
Yes, Wip Grok is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Wip Grok support?
Wip Grok is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Wip Grok?
It is built and maintained by Parker Todd Brooks (@parkertoddbrooks); the current version is v1.0.2.
More Skills