twitter-automation
Audited by Socket on Feb 19, 2026
1 alert found:
Malware[Skill Scanner] Pipe-to-shell or eval pattern detected All findings: [CRITICAL] command_injection: Pipe-to-shell or eval pattern detected (CI013) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] [CRITICAL] command_injection: Natural language instruction to download and install from URL detected (CI009) [AITech 9.1.4] This skill's purpose (Twitter/X automation) is consistent with its capabilities and examples, but its implementation relies on a third-party CLI/binary (inference.sh) and remote servers to perform all actions. That centralization means credentials and all content pass through inference.sh infrastructure — a legitimate convenience but a meaningful supply-chain and credential-exfiltration risk if the binary or backend were malicious or compromised. No explicit malicious code or hard-coded secrets appear in the provided documentation, but the installer pattern (curl | sh), the wildcard allowed-tools, and the broad account-level actions increase security risk. Recommended action: treat as SUSPICIOUS until the infsh binary and server behavior can be audited and the token storage/permissions are verified; if you must use it, verify checksums manually, limit account privileges, and consider using a burner/test account for automation. LLM verification: This SKILL.md is documentation for a third-party CLI-based Twitter/X automation skill. The described capabilities are consistent with the stated purpose, but key trust decisions are delegated to the inference.sh CLI and backend. The main security concerns are: (1) the documentation recommends 'curl ... | sh' which is a risky install pattern; (2) the documentation does not state whether authentication tokens remain local or are proxied through inference.sh servers — that could allow credential ex