xfetch

Warn

Audited by Socket on Feb 24, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] [Documentation context] Installation of third-party script detected.

The README documents a legitimate-looking CLI scraper that requires X session cookies (auth_token and ct0) and performs network requests to X.com. The primary security concerns are the sensitive nature of the required session cookies, the advice to copy them manually, possible insecure local caching, and the ability to route requests through an arbitrary proxy. There is no direct evidence in the provided documentation of obfuscation, embedded backdoors, or telemetry/exfiltration, but the documentation is insufficient to rule these out. Before supplying live session cookies, reviewers should inspect the package source code and runtime network behavior (look for any non-X endpoints, telemetry, or insecure storage). Use ephemeral or throwaway accounts if testing.

LLM verification: [LLM Escalated] The documentation describes a functional cookie-based X/Twitter CLI scraper whose design choices (requiring auth_token/ct0 and instructing copy-from-DevTools) substantially increase the risk of credential exposure. No direct evidence of malware or obfuscated code is present in the documentation, but the absence of source code prevents full verification of network flows and storage behavior. Treat this package as medium-to-high risk until the code is audited: specifically verify that all network

Confidence: 98%
Severity: 75%
Audit Metadata

Analyzed At: Feb 24, 2026, 08:07 AM
Package URL: pkg:socket/skills-sh/moltbot%2Fskills%2Fxfetch%2F@e075f108a90eedbe45f063ad9485c2e931a43f28