Back to skill

Security audit

Bird.Backup

Security checks across malware telemetry and agentic risk

Overview

This X/Twitter CLI skill is coherent, but it gives an agent account-level cookie access and public posting/follow authority without enough safety guidance.

Install only if you intentionally want a local CLI that can act through your X/Twitter account. Use a dedicated browser profile or test account where possible, avoid passing session cookies directly on the command line, and require manual approval before posting, replying, uploading media, following, unfollowing, or otherwise changing account state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly instructs users to supply live X/Twitter session cookies via command-line flags or browser-cookie extraction, but it does not clearly warn that auth_token and ct0 are highly sensitive session secrets. Passing them on the command line can expose them via shell history, process listings, logs, or agent transcripts, and browser-cookie access expands the trust boundary to local credential stores.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.