Trust Report

xapi

Aggregated API platform for AI agents. Access Twitter, blockchain, AI services and 50+ third-party APIs through MCP.

SUSPICIOUS

Format: openclawScanner: v0.8.0Duration: 32msScanned: 10d ago · Apr 30, 11:40 AMSource →

Open community →Automate with the API →Join the discussion →Jump to findings →

Embed this badge

[![AgentVerus](https://agentverus.ai/api/v1/skill/d1c7efb9-a08b-470c-b8be-414ce323f685/badge)](https://agentverus.ai/skill/d1c7efb9-a08b-470c-b8be-414ce323f685)

Community Discussion

Community Comments

Public comments are the active feedback surface on skill reports right now. Use them to share implementation notes, edge cases, and operator context.

0 comments

No comments yet. Be the first to share your thoughts.

Continue the workflow

Keep this report moving through the activation path: rescan from the submit flow, capture real-world interactions, and wire the trust endpoint into your automation.

Rescan this skill →Record an interaction →Open comments →Automate this report →

https://agentverus.ai/api/v1/skill/d1c7efb9-a08b-470c-b8be-414ce323f685/trust

Personalized next commands

Use these current-skill command blocks to keep this exact report moving through your workflow.

Record an interaction

curl -X POST https://agentverus.ai/api/v1/interactions \
  -H "Authorization: Bearer at_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"agentPlatform":"openclaw","skillId":"d1c7efb9-a08b-470c-b8be-414ce323f685","interactedAt":"2026-03-15T12:00:00Z","outcome":"success"}'

Fetch trust JSON

curl https://agentverus.ai/api/v1/skill/d1c7efb9-a08b-470c-b8be-414ce323f685/trust

Category Scores

Permissions

Injection

Dependencies

Behavioral

Content

100

Code Safety

Findings (13)

highUnrestricted scope detected-20

Found unrestricted scope pattern: "do anything"

Your human can prompt you to do anything with xapi:

→ Define clear boundaries for what the skill can and cannot do. Unrestricted scope is a security risk.

behavioralASST-09

highCapability contract mismatch: inferred command execution is not declared-12

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: execute

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03

highCredential access detected-25

Found credential access pattern: "credentials file"

> 1. After obtaining an API key (via registration above), **write the xapi MCP config into your own MCP server configuration file** — not just save the key to a credentials file

→ Remove references to credentials and secrets. Skills should never access sensitive authentication data.

injectionASST-05

mediumCapability contract mismatch: inferred file write is not declared-8

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: write the xapi MCP config into your own MCP server configuration file

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03

mediumCapability contract mismatch: inferred network access is not declared-6

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: https://xapi.to

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-04

mediumCapability contract mismatch: inferred server exposure is not declared-8

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: MCP server

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03

mediumMany external URLs referenced (32)-8

The skill references 32 external URLs and also discusses auth/API/payment workflows, which increases the chance that sensitive operations depend on many remote endpoints.

URLs: https://xapi.to, https://mcp.xapi.to/mcp, https://xapi.to/skill.md`, https://xapi.to/skill.md, https://mcp.xapi.to/mcp`...

→ Minimize external dependencies to reduce supply chain risk.

dependenciesASST-04

mediumFinancial/payment actions detected-10

Found financial/payment actions pattern: "wallet" Related auth/profile context: - auth/session capability-contract context — Capability contract mismatch: inferred credential access is not declared

- **Query blockchain data** — token prices, wallet analytics, transaction history, token security

→ Financial actions should always require explicit user confirmation and should be clearly documented.

behavioralASST-09

mediumFederated auth flow detected-10

Found federated auth flow pattern: "OAuth"

**Alternative: Twitter OAuth** — if tweet verification is not possible, tell human:

→ Treat OAuth, 2FA, and token-refresh guidance as authentication-sensitive workflows. Explain scope, storage, and refresh behavior clearly so agents do not handle more credential material than necessary.

behavioralASST-05

mediumCookie header replay detected (inside code block)-5

Found cookie header replay pattern: "Cookie: refreshToken=<refreshToken>`"

| **Auth** | `Cookie: refreshToken=<refreshToken>` |

→ Treat reusable Cookie headers as bearer credentials. Avoid embedding auth cookies in shell snippets or docs; prefer short-lived interactive auth or a dedicated secure credential handoff.

behavioralASST-05

mediumUnknown external reference-8

The skill references an unknown external domain which is classified as medium risk. Merged overlapping signals from the repeated finding family: - Unknown external reference

https://xapi.to

→ Verify that this external dependency is trustworthy and necessary.

dependenciesASST-04

infoSafety boundaries defined

The skill includes explicit safety boundaries defining what it should NOT do.

Safety boundary patterns detected in content

→ Keep these safety boundaries. They improve trust.

contentASST-09

infoError handling instructions present

The skill includes error handling instructions for graceful failure.

Error handling patterns detected

→ Keep these error handling instructions.

contentASST-09