xbird

SUSPICIOUS: the skill’s Twitter capabilities match its stated purpose, but its trust model is weak. The main concerns are raw browser/session cookie access, forwarding those cookies to an externally executed npm package, automatic wallet creation, and incomplete publisher verification between the skill repo and package scope. This is not confirmed malware, but it carries meaningful credential and account-action risk.