laniameda-x-post

SUSPICIOUS: the stated scraping purpose generally matches the documented behavior, but the full feature set relies on a third-party browser/plugin service installed via transitive trust paths and expands into broad web/search scraping. No clear credential theft or overt exfiltration is documented, yet the external install chain, opaque localhost proxying, and untrusted-content processing make this a medium-risk skill rather than benign.

SUSPICIOUS. The core purpose is coherent, but the skill routes tweet retrieval through a third-party FxTwitter proxy, recursively ingests untrusted external content with subagents/browser automation, and depends on an unverifiable local fetcher script outside official package channels. User approval limits the highest-impact writes, but the install trust and indirect prompt-injection exposure make this a medium-high risk skill.