social-cli

The skill is purpose-aligned and its install/data-flow story is largely coherent: same-org source repo, local build from source, and direct use of social platform credentials for social platform actions. The main risk is not hidden exfiltration but autonomy: it is explicitly built to let an agent run unattended social posting/engagement loops with live credentials, creating high real-world action risk despite otherwise reasonable provenance.