Back to plugin

Security audit

X (Twitter) API

Security checks across malware telemetry and agentic risk

Overview

The plugin mostly matches an X/Twitter data API integration, but it also exposes under-disclosed generic AI and translation tools that can send arbitrary text to agntdata.

Install only if you are comfortable sending X queries, account identifiers, tweet IDs, and any text given to the AI or translation tools to api.agntdata.dev under your agntdata API key. Review agntdata's data handling terms before using it with private, confidential, or regulated text.

VirusTotal

55/55 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
index.js:231
Evidence
const apiKey = [REDACTED] || readAgntConfig()?.apiKey