x-tweet-fetcher

SUSPICIOUS: the stated scraping purpose generally matches the documented behavior, but the full feature set relies on a third-party browser/plugin service installed via transitive trust paths and expands into broad web/search scraping. No clear credential theft or overt exfiltration is documented, yet the external install chain, opaque localhost proxying, and untrusted-content processing make this a medium-risk skill rather than benign.