x-twitter
Alert level: Medium
Interact with Twitter/X — read tweets, search, post, like, retweet, and manage your timeline.
Locality:Hybrid
Data access:Personal
Actions:Write
Installs 4Downloads 1159Stars 3Updated 205h ago
Why this rating
Deterministic checks triggered by the tool capabilities and evidence.
- Locality: Hybrid
Runs a local CLI (`twclaw`) that calls the Twitter/X API using bearer-token credentials.
- Data access: Personal
Can read your home timeline, mentions, likes, lists, and bookmarks tied to your account.
- Action surface: Write
Includes posting and engagement actions (tweet/reply/quote/like/retweet/follow) and list membership changes.
Best practices
Follow these steps to reduce risk when using this skill.
- Use least-privilege API credentials and keep tokens (`TWITTER_BEARER_TOKEN`, API key/secret) out of logs and repos; rotate/revoke if exposed.
- Confirm tweet text, media paths, and target tweet IDs before any write action (tweet/reply/like/retweet/follow), especially in bulk or scripted runs.
- Respect rate limits and avoid automating behavior that could trigger account restrictions; space out actions and use cursors intentionally.
Evidence links
Public sources backing the indicator assignments.
Always be careful when navigating away from the website.
Max-risk rule
If any capability reaches a higher level, the entire indicator level bumps up to keep ratings deterministic and easy to scan.