Falcon
Warn
Audited by ClawScan on May 10, 2026.
Overview
Falcon appears to be a coherent Twitter/X helper, but it can use a Twitter session cookie to perform public account actions through a third-party API, so it needs careful review before use.
Review this skill before installing if you plan to use write or engagement features. It is suitable only if you trust TwexAPI with your Twitter/X session cookie and you are willing to approve every public account action manually.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If TWITTER_COOKIE is set and a write command runs, the API service may be able to act on the user's Twitter/X account, including posting or engaging publicly.
For write commands, the script packages the user's Twitter auth cookie and sends it to the TwexAPI service, delegating authority over the user's Twitter/X account to a third party.
BASE_URL="https://api.twexapi.io" ... --arg cookie "$TWITTER_COOKIE" ... api_post "/twitter/tweets/create" "$json"
Only set TWITTER_COOKIE when you intentionally want write access, verify you trust TwexAPI, consider using a limited account, and rotate/revoke the cookie after use.
A mistaken or over-eager invocation could post, reply, like, retweet, bookmark, follow, or unfollow from the user's account.
The skill clearly documents public write and engagement commands and instructs confirmation first, but those commands are still high-impact account mutations.
Posting (confirm with user first) ... falcon tweet "text" ... Engagement (confirm with user first) ... falcon like ... falcon retweet ... falcon follow
Require explicit user confirmation for every write or engagement action, and review the exact tweet/user/action before running it.
If this permissions file is applied, the agent may have reduced tool-level friction for running any Falcon command, including public account mutations.
The included local permissions file broadly allows any Falcon command at that path; because Falcon includes write and engagement commands, this is broader than a read-only or per-action approval boundary.
"Bash(/home/user/Documents/Falcon/falcon:*)"
Remove local development permission files from the package or restrict allowed commands to read-only operations; keep write/engagement actions behind explicit approvals.
Users have less information for verifying who maintains the skill or the trustworthiness of the integration.
The skill's provenance is not identified in the registry metadata, which matters more because the skill handles API credentials and a Twitter/X session cookie.
Source: unknown; Homepage: none
Install only if you trust the publisher and the TwexAPI service; prefer skills with clear source and homepage information when handling account credentials.
