twitterapi-io

SUSPICIOUS. The skill’s purpose is coherent and read-only, but it requires installing a GitHub-hosted CLI of unclear provenance and then handing that CLI the twitterapi.io API key. Because the binary/tool source is not verified as an official same-org distribution path and it receives credentials, the install-trust and credential-forwarding risks dominate.