bird
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'bird' utility from the NPM registry (@steipete/bird) and a third-party Homebrew tap (steipete/tap/bird).
- [COMMAND_EXECUTION]: Shell commands are provided to facilitate interaction with the X/Twitter platform, including posting, replying, and reading tweets.
- [CREDENTIALS_UNSAFE]: The tool accesses sensitive authentication data, including session cookies (auth_token and ct0) and browser profile databases for Chrome, Firefox, and Arc to maintain platform access.
- [PROMPT_INJECTION]: The skill processes untrusted external data from X/Twitter, creating a surface for indirect prompt injection.
  - Ingestion points: tweet text, threads, and search results fetched via the 'read', 'thread', and 'search' commands.
  - Boundary markers: no specific delimiters are documented to isolate external content from instructions.
  - Capability inventory: includes the ability to post tweets, follow users, and manage bookmarks via the CLI tool.
  - Sanitization: no content sanitization or validation of the fetched data is specified.
Audit Metadata