Skills
skills/mvanhorn/clawdbot-skill-xai/xai/Gen Agent Trust Hub

xai

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill integrates with the official xAI API (api.x.ai) for various Grok model functionalities including chat, vision, and real-time X search.
  • [SAFE]: Sensitive information such as the XAI_API_KEY is managed appropriately through environment variables or a local configuration file (~/.clawdbot/clawdbot.json), which is a standard and safe practice for CLI tools.
  • [SAFE]: The scripts/chat.js, scripts/models.js, and scripts/search-x.js files use the built-in Node.js https module to communicate with the official API endpoint. No unauthorized external domains or suspicious network behaviors were detected.
  • [SAFE]: The skill uses fs.readFileSync and path.resolve for legitimate purposes such as reading local images for vision tasks or reading the local configuration file.
  • [SAFE]: No obfuscation, prompt injection, persistence mechanisms, or unauthorized privilege escalation patterns were found in the provided files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 08:49 AM