xactions-mcp-server
Audited by Socket on Feb 28, 2026
1 alert found:
Security
The package's design and documentation create a high-risk operational profile: it instructs users to supply a raw X session cookie and executes code fetched at runtime (npx), while offering full account capabilities (read DMs, post, follow/unfollow, export data). This is an unsafe pattern for casual or untrusted use. While the README/manifest alone does not prove active malicious code, the combination of a credential-harvesting pattern, a lack of explicit authentication best practices, and a supply-chain execution model merits treating the package as high risk. Do not supply your session cookie to this tool without a full code and dependency audit, strong network controls, and preferably an audited OAuth-based alternative.