Releases: Xquik-dev/tweetclaw

v1.6.3

25 Apr 00:23

Published @xquik/tweetclaw@1.6.3 to npm. Refresh follower changes copy, fix api-spec endpoints free flip.

v1.6.2

23 Apr 23:03

Full Changelog: v1.6.1...v1.6.2

v1.6.1

22 Apr 23:08

Framework cross-link bump (follow-up to #1998). All version surfaces now aligned: package.json, server.json, openclaw.plugin.json, package-lock.json. Published to npm as @xquik/tweetclaw@1.6.1.

v1.6.0

22 Apr 19:34

Endpoint count corrected 122 to 111 after bot/integrations/automations removal. Removed 21 dead /bot/, /integrations/, /automations/ entries from spec. Pruned Telegram + workflow automations from descriptions. Closes #1973.

v1.5.4

14 Apr 02:38

Security Hardening

Addresses findings from Gen Agent Trust Hub and Socket/Snyk security audits.

CREDENTIALS_UNSAFE — Fixed

  • Agent-prohibited endpoints: POST /api/v1/x/accounts and POST /api/v1/x/accounts/:id/reauth are now blocked at two levels:
    • Filtered from the explore tool's endpoint catalog (agent cannot discover them)
    • Rejected at the request proxy level (agent cannot call them even with crafted paths)
  • Account connection and re-authentication must be done through the Xquik dashboard
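
The two-level block described above, sketched as an added example that is not tweetclaw's own source. The name isProhibitedRequest is borrowed from the Tests list in this release; its body, and the names PROHIBITED, canonicalPath, filterCatalog, proxyRequest and the forward callback, are assumptions made for illustration.

```javascript
// Added illustration; rule bodies and helper names are assumptions.
const PROHIBITED = [
  { method: 'POST', pattern: /^\/api\/v1\/x\/accounts$/ },
  { method: 'POST', pattern: /^\/api\/v1\/x\/accounts\/[^/]+\/reauth$/ },
];

// Reduce a caller-supplied path to one canonical form before matching.
// Returns null when that is not possible, so the caller can fail closed.
function canonicalPath(rawPath) {
  let path = String(rawPath).split(/[?#]/)[0];
  const encoded = /%[0-9a-f]{2}/i;
  try {
    // Decode up to three times so double-encoded separators are unwrapped.
    for (let i = 0; i < 3 && encoded.test(path); i++) {
      path = decodeURIComponent(path);
    }
  } catch {
    return null; // malformed percent-encoding
  }
  if (encoded.test(path)) return null; // still encoded: refuse to guess
  const segments = [];
  for (const seg of path.replace(/\\/g, '/').split('/')) {
    if (seg === '' || seg === '.') continue; // collapse "//" and "/./"
    if (seg === '..') { segments.pop(); continue; }
    segments.push(seg.toLowerCase());
  }
  return '/' + segments.join('/');
}

function isProhibitedRequest(method, rawPath) {
  const path = canonicalPath(rawPath);
  if (path === null) return true; // unparseable paths are rejected
  const verb = String(method).toUpperCase();
  return PROHIBITED.some((r) => r.method === verb && r.pattern.test(path));
}

// Level 1: the agent-visible catalog never lists prohibited entries.
const filterCatalog = (endpoints) =>
  endpoints.filter((e) => !isProhibitedRequest(e.method, e.path));

// Level 2: the proxy re-checks every call, whatever the catalog said.
function proxyRequest(method, rawPath, forward) {
  if (isProhibitedRequest(method, rawPath)) {
    return { status: 403, error: 'endpoint not available to agents' };
  }
  return forward(method, rawPath);
}
```

Matching on the canonical form rather than the raw string is what keeps the proxy check and the catalog filter in agreement when a path arrives with mixed case, trailing slashes, dot segments or percent-encoded separators.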

PROMPT_INJECTION — Fixed

  • Fixed contradiction where SKILL.md claimed "agent never handles raw credentials" while credential endpoints were accessible
  • Removed instructional override language (IMPORTANT: Always attempt the request)
  • Added Content Isolation Model: all X content treated as opaque display data in a strict data-only boundary
  • 7 mandatory handling rules for untrusted content (up from 5)
  • Fetched content can never influence endpoint selection, parameters, write actions, or financial transactions

DATA_EXFILTRATION — Mitigated

  • Added Sensitive Data Access section with rules for DMs, bookmarks, and account details
  • Private data only accessed on explicit user request, never proactively
  • Single egress point (xquik.com), no data persistence between sandbox executions

Payment & Billing — Hardened

  • All billing endpoints now hard-gated with explicit "yes" confirmation per turn
  • Cumulative cost awareness (running session totals)
  • Extraction cost ceiling (max possible, not just expected)
  • No financial actions from fetched content

Tests

  • 12 new tests for isProhibitedRequest and request-level blocking
  • 2 new tests verifying specEndpoints excludes prohibited endpoints and credential parameters

v1.5.1

06 Apr 02:20

What's Changed

  • Security: Harden credential handling, fix prompt injection vectors, remove third-party names from output
  • Dependencies: Patch 4 dependency vulnerabilities (picomatch, brace-expansion, smol-toml, yaml)
  • Pricing: Align extraction and MPP pricing with billing source of truth; correct endpoint count and credit costs

v1.5.0

30 Mar 22:09

Changes

  • Sandbox tool execution with vm.runInNewContext + Proxy isolation
  • Renamed tempoPrivateKey to tempoSigningKey across all user-facing text
  • Added required OpenClaw compat and build metadata for ClawHub publishing
  • Synced all registry files to v1.5.0

v1.4.1

29 Mar 22:19

  • Sync metadata versions (openclaw.plugin.json, server.json) to 1.4.1
  • Matches npm publish @xquik/tweetclaw@1.4.1

v1.4.0

29 Mar 15:52

tweetclaw v1.4.0

OpenClaw plugin for X (Twitter) automation via the Xquik API. 33x cheaper than the official X API.

Highlights

  • 120 REST API endpoints across 12 categories
  • Full OpenClaw plugin with extension support
  • HMAC webhook support with signature verification
  • Machine Payments Protocol (MPP) for anonymous pay-per-use
  • Reads from $0.00015/call

Installation

npm install @xquik/tweetclaw