x-api

Enables programmatic interaction with X (Twitter) for posting tweets, reading timelines, and analytics using OAuth authentication.

Install this skill

81/100

Security score

The x-api skill was audited on May 28, 2026 and we found 11 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 191

Access to .env file

SourceSKILL.md

191	- Never hardcode tokens. Use environment variables or `.env` files.

medium line 192

Access to .env file

SourceSKILL.md

192	- Never commit `.env` files. Add to `.gitignore`.

low line 40

External URL reference

SourceSKILL.md

40	"https://api.x.com/2/tweets/search/recent",

low line 77

External URL reference

SourceSKILL.md

77	"https://api.x.com/2/tweets",

low line 94

External URL reference

SourceSKILL.md

94	resp = oauth.post("https://api.x.com/2/tweets", json=payload)

low line 105

External URL reference

SourceSKILL.md

105	f"https://api.x.com/2/users/{user_id}/tweets",

low line 118

External URL reference

SourceSKILL.md

118	"https://api.x.com/2/tweets/search/recent",

low line 132

External URL reference

SourceSKILL.md

132	"https://api.x.com/2/users/by/username/affaanmustafa",

low line 145

External URL reference

SourceSKILL.md

145	"https://upload.twitter.com/1.1/media/upload.json",

low line 152

External URL reference

SourceSKILL.md

152	"https://api.x.com/2/tweets",

low line 177

External URL reference

SourceSKILL.md

177	resp = oauth.post("https://api.x.com/2/tweets", json={"text": content})

Scanned on May 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 5

Rate this skill

Categorymarketing

UpdatedJune 15, 2026

openclaw api social-media-manager influencer-marketer content-marketer marketing-analyst growth-marketer marketing

FridrichMethod/awesome-skills