Security audit
AIsa Twitter Post Engage
Security checks across malware telemetry and agentic risk
Overview
This appears to be a coherent Twitter/X relay skill, though its published metadata underreports its required API key/python runtime and its declared network path is narrower than the actual AIsa relay base.
Before installing, make sure you trust AIsa as a relay: it will receive your Twitter/X searches, post text, engagement targets, and any media files you ask it to upload. You should not provide Twitter passwords, browser cookies, or unrelated secrets. Also note that the registry metadata says there are no requirements, but the actual package requires python3 and an AISA_API_KEY. Confidence is medium because the large Python files were truncated in the provided evidence, so the visible behavior looks coherent but the full source was not completely reviewable here.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
