Is iheardulkbtc/twitter-reader safe?

https://github.com/openclaw/skills/tree/main/skills/iheardulkbtc/twitter-reader

99
SAFE

This is a legitimate Twitter/X reader skill that extracts public tweet data using established APIs like FxTwitter and Nitter. The skill contains well-documented functionality with proper error handling and security practices. No malicious behavior, data exfiltration attempts, or prompt injection were detected during analysis.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 100/100 · 5%

Findings (1)

INFO Contains executable shell scripts -5

The skill includes three shell scripts (read_tweet.sh, read_thread.sh, read_tweet_nitter.sh) that are necessary for its functionality. These scripts make HTTP requests to public APIs and process JSON responses using standard tools like curl and jq. While executable, they appear well-written with proper error handling and input validation.