Twitter Cultivate

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Twitter/X account analysis guide, but it asks users to store live session cookies and rely on unpinned third-party client code.

Review carefully before installing. Use a throwaway or isolated environment if possible, audit and pin the third-party Twitter client before running it, store the cookie file with restrictive permissions, never commit or share the cookie values, and log out or rotate the Twitter/X session after use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill instructs users to extract and store live Twitter/X session cookies (`auth_token`, `ct0`) and use them for automated access, but it does not warn that these are effectively bearer-style session secrets that can enable full account access if exposed. In this context, the risk is elevated because the skill explicitly normalizes copying credentials out of the browser into a local file and environment-driven workflow, increasing the chance of leakage, reuse, mishandling, or accidental inclusion in logs, repos, backups, or other tools.

VirusTotal

No VirusTotal findings

View on VirusTotal