← 返回 Skills 市场

readx

Name: readx
Author: wxtsky

作者 wxtsky · GitHub ↗ · v1.1.4

cross-platform ⚠ suspicious

847

总下载

当前安装

版本数

在 OpenClaw 中安装

/install readx

功能描述

Twitter/X intelligence toolkit: analyze users, tweets, trends, communities, and networks

安全使用建议

This skill appears to do what it says: it calls a remote readx.cc service and needs an API key. Before installing, verify you trust readx.cc (it's the only network endpoint used). Prefer storing the API key in a secure place (environment variable or credential store) rather than embedding it into URLs or plaintext files. If asked, decline having the agent itself write credentials to your config unless you trust the skill and know exactly where and how the key will be stored. Avoid pasting the API key into public logs or chat. If you want stronger assurance, ask the vendor for documentation, a privacy policy, and whether the MCP URL can be configured without the API key in the query string (e.g., via a secure header or token store).

功能分析

Type: OpenClaw Skill Name: readx Version: 1.1.4 The skill is classified as suspicious due to instructions for the AI agent to perform file system read/write operations and shell execution, which are high-risk capabilities. Specifically, `SKILL.md` instructs the agent to read and potentially write an API key to `~/.config/readx/credentials.json` (or Windows equivalent) and to execute `curl` commands for API interaction and fetching API documentation from `https://readx.cc`. While these actions are plausibly needed for the skill's stated purpose and `SKILL.md` includes explicit safeguards against API key exfiltration to unauthorized domains, these capabilities introduce an attack surface for potential vulnerabilities (e.g., shell injection, arbitrary file access) if the agent's execution environment or input sanitization is flawed.

能力评估

✓ Purpose & Capability

Name/description match the declared requirement (READX_API_KEY) and the SKILL.md describes calling a remote readx.cc API or MCP server for Twitter/X analysis. No unrelated credentials, binaries, or system paths are requested.

ℹ Instruction Scope

Instructions stay within analysis scope (resolve user→user_id, call timelines/search, derive metrics). They do instruct the agent to use curl and to read/write a readx credentials file and to add an MCP server URL that includes the API key query parameter; these are functional for the service but introduce credential-handling choices the user should review.

✓ Install Mechanism

Instruction-only skill with no install spec or code files — minimal disk/write footprint from the skill itself. All runtime behavior is via remote API calls or existing MCP tooling.

ℹ Credentials

Only READX_API_KEY is requested (declared as primaryEnv) which is proportionate to an API-based analysis tool. However, the doc recommends embedding the API key in an MCP URL (https://readx.cc/mcp?apikey=<API_KEY>) and persisting it to a plaintext credentials file by default — both raise credential-exposure risks.

✓ Persistence & Privilege

always:false and no requests to modify other skills or system-wide agent settings. The skill does instruct adding an MCP server entry to editor config and optionally writing the API key to a local config file — expected for this functionality but requires user consent.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install readx
安装完成后，直接呼叫该 Skill 的名称或使用 /readx 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.1.4

Trim instructions: remove redundant Skills Overview, simplify setup wording

v1.1.3

Simplify instructions: remove platform-specific commands, let AI handle details

v1.1.2

Fix outdated error handling for remote MCP; use credentials.json for API key persistence

v1.1.1

Use ~/.config/readx/credentials.json for API key persistence, with user consent before writing

v1.1.0

User-guided setup: AI asks user to choose self-config or AI-assisted config for both MCP and Direct API Mode

v1.0.9

Fix contradictions: remove agent-assisted setup and paste-in-chat instructions; user self-configures env var

v1.0.8

Fix security instruction contradiction: align key storage policy with actual setup instructions

v1.0.7

Cross-platform env var setup: support zsh, bash, PowerShell, and cmd

v1.0.6

Direct API Mode: let user choose manual or AI-assisted env var setup

v1.0.5

Direct API Mode: guide users to set READX_API_KEY env var in shell profile for persistence

v1.0.4

Restore Direct API Mode (curl) for platforms without MCP support; no file writes, session-only key usage

v1.0.3

Add primaryEnv/requires.env metadata declaration; remove paste-key-in-chat instructions for security compliance

v1.0.2

Switch to remote MCP server (URL-based), remove npm/npx dependency and local credential persistence

v1.0.1

Remove npx -y to fix supply chain risk flagged by VirusTotal; use global install instead

v1.0.0

Initial release: Twitter/X intelligence toolkit with 15 analysis skills, MCP server support, and direct API mode

元数据

Slug readx

版本 1.1.4

许可证 —

累计安装 2

当前安装数 1

历史版本数 15

常见问题

readx 是什么？

Twitter/X intelligence toolkit: analyze users, tweets, trends, communities, and networks. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 847 次。

如何安装 readx？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install readx」即可一键安装，无需额外配置。

readx 是免费的吗？

是的，readx 完全免费（开源免费），可自由下载、安装和使用。

readx 支持哪些平台？

readx 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 readx？

由 wxtsky（@wxtsky）开发并维护，当前版本 v1.1.4。