social-sbti

SUSPICIOUS. The core workflow is coherent for a social-media personality-card skill, but trust is weakened by unseen Python dependencies and by forwarding X credentials/session data to an unofficial third-party client (Twikit). No direct malware or clear exfiltration endpoint is shown, yet the privacy-sensitive purpose and third-party credential handling make this a medium-to-high security risk skill.