x-api

Enables programmatic interaction with X (Twitter) for posting tweets, reading timelines, and analytics using OAuth authentication.

Install this skill

80/100

Security score

The x-api skill was audited on May 12, 2026 and we found 12 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 207

Access to .env file

SourceSKILL.md

207	- Never hardcode tokens. Use environment variables or `.env` files.

medium line 208

Access to .env file

SourceSKILL.md

208	- Never commit `.env` files. Add to `.gitignore`.

low line 39

External URL reference

SourceSKILL.md

39	"https://api.x.com/2/tweets/search/recent",

low line 78

External URL reference

SourceSKILL.md

78	"https://api.x.com/2/tweets",

low line 95

External URL reference

SourceSKILL.md

95	resp = oauth.post("https://api.x.com/2/tweets", json=payload)

low line 106

External URL reference

SourceSKILL.md

106	f"https://api.x.com/2/users/{user_id}/tweets",

low line 119

External URL reference

SourceSKILL.md

119	"https://api.x.com/2/tweets/search/recent",

low line 133

External URL reference

SourceSKILL.md

133	"https://api.x.com/2/tweets/search/recent",

low line 148

External URL reference

SourceSKILL.md

148	"https://api.x.com/2/users/by/username/affaanmustafa",

low line 161

External URL reference

SourceSKILL.md

161	"https://upload.twitter.com/1.1/media/upload.json",

low line 168

External URL reference

SourceSKILL.md

168	"https://api.x.com/2/tweets",

low line 193

External URL reference

SourceSKILL.md

193	resp = oauth.post("https://api.x.com/2/tweets", json={"text": content})

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 189.4K

Rate this skill

Categorymarketing

UpdatedJune 10, 2026

claude claude-code frontend docx git api backend social-media-manager content-marketer influencer-marketer marketing

affaan-m/everything-claude-code