← Back to Skills Marketplace
austindixson

Composio Composer Xskill

by austindixson · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
420
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install composio-composer-xskill
Description
Enables posting tweets to Twitter/X through Composio's integration platform via HTTP and BeautifulSoup. Use when posting tweets or integrating with Composio.
README (SKILL.md)

Composio Composer X Skill

This skill enables posting tweets to Twitter/X through Composio's integration platform. It uses HTTP requests with BeautifulSoup to interact with Composio's web interface, providing a post_tweet function that can be called from OpenClaw.

Installation

  1. Install dependencies:

    pip install requests beautifulsoup4 python-dotenv

  2. Configure credentials in .env file or environment

  3. Import and use the skill in your OpenClaw workflow

Tool Definitions

post_tweet

Posts a tweet to Twitter/X using Composio.

Function Signature:

def post_tweet(content: str, composio_auth_token: str) -> dict:

Parameters:

  • content (str): The tweet content (max 280 characters)
  • composio_auth_token (str): The Composio authentication token for authorization

Returns:

  • dict: Contains:
    • success (bool): Whether the tweet was posted successfully
    • tweet_id (str): The posted tweet's ID (on success)
    • tweet_url (str): URL to view the tweet (on success)
    • error (str): Error message (on failure)

Example:

result = post_tweet(
    content="Hello from OpenClaw! 🐾",
    composio_auth_token="your_composio_auth_token_here"
)
print(f"Tweet posted: {result.get('tweet_url')}")

get_tweet

Retrieves a tweet by ID.

Function Signature:

def get_tweet(tweet_id: str, composio_auth_token: str) -> dict:

Parameters:

  • tweet_id (str): The tweet ID to retrieve
  • composio_auth_token (str): The Composio authentication token

Returns:

  • dict: Contains tweet data or error information

delete_tweet

Deletes a tweet.

Function Signature:

def delete_tweet(tweet_id: str, composio_auth_token: str) -> dict:

Parameters:

  • tweet_id (str): The tweet ID to delete
  • composio_auth_token (str): The Composio authentication token

Returns:

  • dict: Contains success (bool) and status message

Configuration

The skill requires the following environment variables:

  • COMPOSIO_CLIENT_ID: Your Composio client ID
  • COMPOSIO_API_KEY: Your Composio API key
  • COMPOSIO_SESSION_TOKEN: Your Composio session token
  • COMPOSIO_BEARER_TOKEN: Your Composio bearer token
  • COMPOSIO_USER_ID: Your Composio user ID

Notes

  • This implementation uses HTTP requests to emulate Composio interaction
  • Direct API access through OpenClaw is currently unavailable
  • Rate limits apply per Twitter/X and Composio policies
  • Session tokens expire after 7200 seconds (2 hours)
Usage Guidance
What to check before installing: - Source and trust: The skill's Source/Homepage are unknown; prefer skills from a known publisher. Review the bundled code yourself or run it in an isolated environment before granting real credentials. - Metadata mismatch: The registry declares no required env vars but SKILL.md and config.py expect multiple COMPOSIO_* secrets. Treat that as a red flag and verify which variables the runtime actually needs. - README vs. API mismatch: README examples omit an auth token while __init__.py and SKILL.md show a composio_auth_token parameter and config.py reads env vars. Ensure you know whether you must pass tokens in calls or rely on env vars. - .env handling: Docs recommend python-dotenv but the code does not call load_dotenv() (config.py uses os.getenv). If you plan to use a .env file, you must load it yourself; storing tokens in plaintext files has risk — store secrets securely and limit file permissions. - Least privilege & rotation: Create and use Composio credentials with minimal permissions, and be prepared to rotate tokens if you install/remove the skill. - Network endpoints: The default api base is https://backend.composio.dev/api/v1 — confirm this is the correct and expected endpoint for your account. - If unsure, ask the publisher for clarification (who maintains the skill), or run the code in a sandbox and inspect network traffic before providing production credentials.
Capability Analysis
Type: OpenClaw Skill Name: composio-composer-xskill Version: 1.0.0 The skill is classified as suspicious due to a risky design choice in `twitter_client.py`. The `_post_tweet_direct` fallback method attempts to send the `composio_auth_token` (described as a 'Composio authentication token' in SKILL.md) directly to the `https://api.twitter.com/2` endpoint. This could constitute an over-permissioned use of the token or bypass Composio's intended mediation, potentially exposing the token to a broader scope than intended or circumventing Composio's controls. Additionally, the `README.md` lists numerous features (e.g., `reply_to`, `media_paths`, `like_tweet`, `follow_user`) that are not implemented in the provided Python code, indicating misleading documentation, though this is a functional issue rather than a direct security vulnerability.
Capability Assessment
Purpose & Capability
The code and docs implement posting/reading/deleting tweets via Composio (HTTP + BeautifulSoup) which matches the skill name/description. However the registry metadata claims no required environment variables while SKILL.md, README.md and config.py reference several COMPOSIO_* variables — this mismatch is unexplained and reduces trust in the metadata.
Instruction Scope
Runtime instructions and the code focus on HTTP interactions with Composio and HTML parsing/submission via BeautifulSoup, which is within the stated purpose. The SKILL.md instructs installing requests/bs4/python-dotenv and configuring a .env or environment variables; note that storing tokens in a .env file (suggested by docs) is a security consideration but is not itself unexpected for this type of skill.
Install Mechanism
There is no platform install spec (instruction-only style), but the package includes code files and a requirements.txt. The SKILL.md instructs pip installing the listed deps (requests, beautifulsoup4, python-dotenv) — these are standard PyPI packages. No remote downloads or obscure install sources are present. It's slightly inconsistent that the registry lists 'no install spec' while full code is bundled, but this is not inherently dangerous.
Credentials
The skill requires several Composio-specific credentials (COMPOSIO_CLIENT_ID, COMPOSIO_API_KEY, COMPOSIO_SESSION_TOKEN, COMPOSIO_BEARER_TOKEN, COMPOSIO_USER_ID) per SKILL.md and config.py. The registry metadata, however, lists no required env vars — that is an inconsistency. The secrets requested are proportional to the stated function, but the mismatch in declared vs. actual required variables and the docs' suggestion to store them in a .env file warrant caution.
Persistence & Privilege
The skill does not request 'always: true' or other elevated persistent privileges and does not attempt to modify other skills or system configuration. It reads environment variables at import time via config.from_env() and offers a from_file() loader, which is normal for a client library.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install composio-composer-xskill
  3. After installation, invoke the skill by name or use /composio-composer-xskill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of Composio Composer X Skill. - Enables posting, retrieving, and deleting tweets on Twitter/X via Composio's integration platform. - Provides easy-to-use Python functions: `post_tweet`, `get_tweet`, and `delete_tweet`. - Requires configuration of authentication tokens and credentials in environment variables. - Uses HTTP and BeautifulSoup to interact with Composio's web interface. - Includes clear installation and usage instructions in the documentation.
Metadata
Slug composio-composer-xskill
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Composio Composer Xskill?

Enables posting tweets to Twitter/X through Composio's integration platform via HTTP and BeautifulSoup. Use when posting tweets or integrating with Composio. It is an AI Agent Skill for Claude Code / OpenClaw, with 420 downloads so far.

How do I install Composio Composer Xskill?

Run "/install composio-composer-xskill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Composio Composer Xskill free?

Yes, Composio Composer Xskill is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Composio Composer Xskill support?

Composio Composer Xskill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Composio Composer Xskill?

It is built and maintained by austindixson (@austindixson); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments