tweet-cli
Warn
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the tweet-cli package directly from a third-party GitHub repository (github:0xmythril/tweet-cli#v1.0.0), which is not included in the trusted vendors list.
- [CREDENTIALS_UNSAFE]: The tool requires and manages highly sensitive X (Twitter) API credentials, including Consumer Keys and Access Tokens, storing them in a local environment file at ~/.config/tweet-cli/.env.
- [COMMAND_EXECUTION]: The skill executes shell commands using the tweet-cli binary, passing user-provided strings and URLs as arguments to the post, reply, and quote functions.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by processing untrusted data from URLs or user-supplied text.
  - Ingestion points: Arguments for tweet-cli reply and tweet-cli quote.
  - Boundary markers: None identified in the skill instructions.
  - Capability inventory: Execution of the tweet-cli command with shell access.
  - Sanitization: No input validation or sanitization is specified for the content being posted or the URLs being referenced.
Audit Metadata