← 返回 Skills 市场

X/Twitter Automation: 30+ APIs, OAuth Post, One Key

Name: X/Twitter Automation: 30+ APIs, OAuth Post, One Key
Author: 0xjordansg-yolo

作者 0xjordansg-yolo · GitHub ↗ · v1.0.3 · MIT-0

cross-platform ⚠ suspicious

3616

总下载

当前安装

版本数

在 OpenClaw 中安装

/install openclaw-twitter

功能描述

Searches and reads X (Twitter): profiles, timelines, mentions, followers, tweet search, trends, lists, communities, and Spaces. Publishes posts after the use...

安全使用建议

What to consider before installing: - Trust model: this skill proxies all Twitter/X reads and writes through a third‑party relay (api.aisa.one). Installing it means your AISA_API_KEY will be used to query and to publish via that service — only install if you trust aisa.one and its security/privacy practices. - Secret power: the single AISA_API_KEY is a high‑privilege credential. If leaked or misused it could allow reads and posts via the relay. Use a scoped or revocable key if possible and rotate it if you suspect compromise. - Media handling / privacy: when posting, the skill will upload local workspace files (images/videos) to the relay backend. Treat that as data exfiltration to an external service — don’t use it with sensitive files unless you’re comfortable with that transfer. - Undeclared env vars: the scripts honor TWITTER_RELAY_BASE_URL and TWITTER_RELAY_TIMEOUT (not listed in metadata). Review or set TWITTER_RELAY_BASE_URL if you want to change the target; otherwise the default points to api.aisa.one. - Posting behavior: the instructions recommend trying to post immediately for user intents to publish. Confirm whether you want the agent to attempt posting automatically; consider restricting autonomous agent actions or requiring explicit confirmation before posting live content. - Test safely: if you proceed, test with a disposable or non-production account first. Verify the OAuth flow and inspect what data is sent to the relay (especially media uploads). If you can get more info from the publisher (proof-of-ownership of aisa.one endpoints, privacy policy, or ability to use your own relay URL), that would raise confidence. Without that, treat the skill as coherent but carrying meaningful privacy and trust risks.

功能分析

Type: OpenClaw Skill Name: openclaw-twitter Version: 1.0.3 The skill bundle provides a legitimate integration for reading and posting to Twitter/X via the AIsa API (api.aisa.one). The Python scripts (twitter_client.py and twitter_oauth_client.py) implement standard API interactions, including OAuth authorization flows, media uploads using multipart/form-data, and complex tweet threading logic that respects Twitter's character weighting. The instructions in SKILL.md and references/post_twitter.md are well-structured, providing clear guidance to the agent on handling user requests while explicitly including security guardrails, such as instructing the agent never to ask for user passwords.

能力评估

ℹ Purpose & Capability

Name/description align with the included code and SKILL.md: read/search endpoints and OAuth-based posting. Requiring curl and python3 and a single AISA_API_KEY is consistent with using a relay service. However, the skill does not call Twitter's official APIs directly; all traffic is proxied through https://api.aisa.one, which centralizes control over reads and writes under that external service.

⚠ Instruction Scope

The runtime instructions and Python scripts will upload local workspace files (images/videos) to the relay backend and then the relay uploads to X/Twitter. The SKILL.md also instructs agents to 'try post first' when the user intent is to publish, which could lead to automatic posting behavior if the agent interprets user intent permissively. The scripts read local workspace file paths and send file contents over network — appropriate for posting but a privacy/exfiltration vector that should be explicit to users.

✓ Install Mechanism

This is an instruction-only skill with bundled Python scripts; there is no external install or download step. No third‑party binary downloads or archive extraction are specified, so installation risk is low from that angle.

⚠ Credentials

The declared required env var is only AISA_API_KEY (consistent with the relay model), which is proportionate to the intended functionality — but the code also reads other env vars (e.g., TWITTER_RELAY_BASE_URL, TWITTER_RELAY_TIMEOUT) that are not declared in metadata. More importantly, the single AISA_API_KEY is powerful: possession of it gives the holder the ability to read data and publish posts via the relay for any OAuth flows the relay supports. Users should treat that key as a high‑privilege secret and ensure they trust the relay operator (aisa.one).

✓ Persistence & Privilege

always:false and default autonomous invocation are used. Autonomous invocation plus an API key that can publish is a meaningful combination (the agent could post on behalf of users if invoked), but autonomous invocation itself is the platform default — this is noted rather than flagged as an isolated problem.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install openclaw-twitter
安装完成后，直接呼叫该 Skill 的名称或使用 /openclaw-twitter 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.3

- Separated posting workflow documentation into a new reference file: references/post_twitter.md. - Added a new script for OAuth posting: scripts/twitter_oauth_client.py. - SKILL.md clarified to direct all publishing/posting workflows to the new reference file. - No changes to core read/search functionality; all API and Python read operations remain unchanged.

v1.0.1

**Major update: Adds OAuth-based posting, expands data coverage beyond tweets and users.** - Now supports posting to Twitter/X using OAuth—no passwords or cookies needed; users authorize in the browser. - Expanded read endpoints: includes profiles, mentions, followers, trends, lists, communities, Spaces, and context-rich tweet queries. - Agent usage guidance updated for passwordless, proxyless posting using the AIsa OAuth relay. - Documentation and endpoint references overhauled for improved clarity and API parity. - Skill description revised to emphasize broader search/read capabilities and secure posting flow.

v1.0.0

Twitter Command Center (Search + Post) initial release! - Enables real-time Twitter/X search, trend tracking, user lookup, and tweet extraction via API or Python client. - Supports automated engagement: instant posting, liking, retweeting, profile editing, and replies (login required). - Includes clear curl and Python example commands for all operations. - Requires only an AISA_API_KEY for core read features; login needed for write actions. - Pricing and usage details now provided for every request. - Full endpoint list and quick-start instructions included in the documentation.

元数据

Slug openclaw-twitter

版本 1.0.3

许可证 MIT-0

累计安装 12

当前安装数 12

历史版本数 3

常见问题

X/Twitter Automation: 30+ APIs, OAuth Post, One Key 是什么？

Searches and reads X (Twitter): profiles, timelines, mentions, followers, tweet search, trends, lists, communities, and Spaces. Publishes posts after the use... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 3616 次。

如何安装 X/Twitter Automation: 30+ APIs, OAuth Post, One Key？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-twitter」即可一键安装，无需额外配置。

X/Twitter Automation: 30+ APIs, OAuth Post, One Key 是免费的吗？

是的，X/Twitter Automation: 30+ APIs, OAuth Post, One Key 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

X/Twitter Automation: 30+ APIs, OAuth Post, One Key 支持哪些平台？

X/Twitter Automation: 30+ APIs, OAuth Post, One Key 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 X/Twitter Automation: 30+ APIs, OAuth Post, One Key？

由 0xjordansg-yolo（@0xjordansg-yolo）开发并维护，当前版本 v1.0.3。