bird-fast

The bird-fast skill footprint is coherent with its stated purpose of terminal Twitter automation via browser cookies and internal GraphQL APIs. However, the authentication model (cookie extraction from local browsers) introduces meaningful credential exposure risk and potential data leakage paths. The use of private GraphQL endpoints and cookie-based auth is plausible but elevates risk compared to standard OAuth-based flows. Overall: SUSPICIOUS due to credential surface and data-flow implications, but not evidently malicious. If adopted, it should include explicit safeguards (least-privilege scope, explicit user prompts for sensitive actions, clear isolation/sandboxing, and strong documentation on how credentials are stored, used, and protected).