twitter-search

SUSPICIOUS: The skill’s purpose is coherent, but it relies on a third-party Twitter data provider instead of official X/Twitter APIs and forwards credentials to that service. The undocumented dependency-install behavior and CLI key-passing guidance add meaningful security risk, though there is no clear evidence of malware or overt exfiltration beyond the stated third-party API use.