← 返回 Skills 市场
1302
总下载
0
收藏
3
当前安装
1
版本数
在 OpenClaw 中安装
/install twitter-x-api
功能描述
X/Twitter messaging management via API. Read tweets, post tweets, reply, send DMs, search, and view analytics. Use when the user wants to interact with X/Twi...
安全使用建议
This skill implements a normal Twitter/X CLI, but there are a few things to check before installing or running it: (1) The skill's registry metadata does not declare that it needs API keys or a credentials file — SKILL.md and the script do require OAuth keys or a bearer token and will read ~/.config/twitter/credentials.json if present. Treat that as a real secret requirement. (2) Review the complete scripts/tweet.py source yourself (it is bundled) for any hidden network calls or unexpected file access before running; the provided snippet appears truncated, so ask for the full source if unsure. (3) Run pip install tweepy in an isolated virtualenv or sandbox and avoid running the CLI with production credentials until you've audited it. Prefer using a read-only bearer token for non-write actions where possible. (4) If you obtained this skill from an unknown source, ask the publisher to update the manifest to list required env vars/config paths and to provide provenance (homepage, source repo, maintainer). (5) If you must proceed immediately, restrict the credentials to an account with limited privileges and monitor activity for unexpected API use.
功能分析
Type: OpenClaw Skill
Name: twitter-x-api
Version: 1.0.0
The skill bundle provides a legitimate interface for interacting with the Twitter/X API using the `tweepy` library. It loads API credentials from standard environment variables or a user-configured JSON file (`~/.config/twitter/credentials.json`), which is necessary for its functionality. There is no evidence of intentional malicious behavior such as data exfiltration to unauthorized third parties, installation of backdoors, or prompt injection attempts in `SKILL.md` designed to subvert the agent's instructions for harmful purposes. The ability to upload media via `scripts/tweet.py` involves reading local files, which is a legitimate feature for posting images/videos, not an indicator of malice.
能力评估
Purpose & Capability
Name/description match the included code and instructions (posting, reading, DMs, search, analytics). However the registry metadata lists no required environment variables or config paths while SKILL.md and scripts/tweet.py clearly require Twitter credentials (env vars or ~/.config/twitter/credentials.json). That mismatch is incoherent and could mislead users about what secrets the skill needs.
Instruction Scope
SKILL.md instructions are narrowly scoped to Twitter/X operations (posting, reading, search, DMs, analytics) and tell the user how to provide credentials and run the CLI. The runtime instructions reference only the credentials file path (~/.config/twitter/credentials.json) and environment variables needed for OAuth/Bearer tokens, which is appropriate for this purpose.
Install Mechanism
No automated install spec is provided (instruction-only), which minimizes automatic disk writes. The SKILL.md instructs users to run 'pip install tweepy' — a normal and expected dependency, but it does cause code to be pulled from PyPI at install time. The skill includes a bundled Python script that will be executed by the user/agent when invoked.
Credentials
The SKILL.md (and tweet.py) require OAuth credentials and/or a bearer token — appropriate for Twitter integration — but the registry metadata declares none. This mismatch is concerning because users may not realize the skill will read secrets from env vars or the home config file; required secrets are proportionate to the task but were not declared in the manifest.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does read/write only its own configuration path (~/.config/twitter/credentials.json) for credentials as documented. There is no indication it modifies other skills or system-wide agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install twitter-x-api - 安装完成后,直接呼叫该 Skill 的名称或使用
/twitter-x-api触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release - post tweets, threads, replies, DMs, search, and analytics via X API v2
元数据
常见问题
Twitter/X API 是什么?
X/Twitter messaging management via API. Read tweets, post tweets, reply, send DMs, search, and view analytics. Use when the user wants to interact with X/Twi... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1302 次。
如何安装 Twitter/X API?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install twitter-x-api」即可一键安装,无需额外配置。
Twitter/X API 是免费的吗?
是的,Twitter/X API 完全免费(开源免费),可自由下载、安装和使用。
Twitter/X API 支持哪些平台?
Twitter/X API 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Twitter/X API?
由 klemenska(@klemenska)开发并维护,当前版本 v1.0.0。
推荐 Skills