twitter-automation

SUSPICIOUS: the stated purpose matches the social automation capabilities, but the skill’s footprint is high-risk because it enables autonomous posting/DM/follow actions and routes access through a third-party CLI/platform instead of direct X APIs. Install provenance is same-org and partially verifiable, so this is not confirmed malicious, but the combination of external CLI trust, mediated credentials, and transitive skill installation makes it a high-risk automation skill.