twitter-thread-creation

The skill description targets posting Twitter/X threads via a remote CLI, but the install pattern (curl | sh) and reliance on external binaries introduce meaningful supply-chain and runtime trust risks. Checksum verification helps, but lack of in-repo provenance, signer verification, and explicit credential handling details raise concerns. Treat as SUSPICIOUS with elevated supply-chain risk; require safer distribution, signed artifacts, and explicit, secure credential management before adoption.