Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Twitter Research
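v1.0.0
Search Twitter/X for the latest content on a specific topic and summarize it in a report. Use when the user says "search Twitter", "look at the discussion about XX on Twitter", "twitter research", or "what has X been talking about lately".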
⭐ 0· 329·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (Twitter research) aligns with the runtime instructions: the SKILL.md describes automated browser scraping of X/Twitter and a fallback to fxtwitter/vxtwitter APIs, which are coherent for the stated task.
Instruction Scope
Instructions require reusing the local Chrome login (-b real) and therefore implicitly rely on the user's browser session/cookies (sensitive local state) though no credential or permission is declared. The SKILL.md also instructs installing and invoking a CLI (browser-use) at runtime and uses WebSearch as a tool, but WebSearch is referenced in the text while not listed in the allowed-tools header — a mismatch that grants the agent broader discretion than the documented tool list. The skill also instructs clearing proxy env vars and expects Chrome to be running; these are actions that interact with local system state beyond a simple API call.
Install Mechanism
The manifest has no install spec, but the instructions tell the agent to run `uv tool install browser-use && browser-use install` at runtime. That causes code to be downloaded/installed during execution (higher risk). The instruction forbids alternative install paths (e.g., curl install.sh) and mandates the uv installer; this reliance on a runtime installer is reasonable for browser automation but increases the attack surface and should be explicit in the registry metadata.
Credentials
The skill declares no required env vars or credentials, yet it instructs reuse of the user's real Chrome profile (implying access to cookies/session tokens) and clears proxy environment variables. Access to a logged-in Chrome profile is effectively using local credentials/session state but is not declared or requested explicitly—this is disproportionate to the manifest, and users should be warned that their logged-in account will be used for scraping.
Like a lobster shell, security has layers — review code before you run it.
latestvk975xbms9tq9f8x0gmvwtmzxdn83gc9m
