bird
Audited by Socket on Feb 16, 2026
1 alert found:
Malware
[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]

The skill's capabilities match its stated purpose: it requires and documents access to session cookies (or explicit tokens) to call X/Twitter internal GraphQL endpoints and to scrape query IDs. That behavior is sensitive but expected for the described design. I found no evidence in this document of obfuscated code, hardcoded secrets, third-party credential exfiltration, or covert data flows. However, reading browser cookie stores and using OS helpers is high-privilege behavior and represents the main security concern: a malicious or compromised version of this tool could harvest session cookies. Recommend auditing the actual implementation (especially cookie-extraction and network call targets) and only installing from trusted sources. Treat the tool as privacy-sensitive rather than clearly malicious.

LLM verification: Documentation indicates a legitimate CLI/library that uses browser cookies to authenticate against X/Twitter's undocumented web GraphQL API. This requires high-trust access (reading browser cookie stores). No explicit malicious behavior is evident in the provided materials, but the capability to read cookies and perform write actions is high-risk and must be verified by reviewing implementation files. Recommended actions: perform code review of credential-resolving and network modules, inspect p