Felo Twitter Writer

Security checks across malware telemetry and agentic risk

Overview

The skill’s Twitter writing workflow is coherent, but it automatically reuses and persists work into an existing private Felo LiveDoc without clear user confirmation or isolation.

Review this skill before installing if you use Felo LiveDocs for sensitive work. Prefer creating or selecting a dedicated LiveDoc for Twitter Writer, and only use it with a Felo API key and style-library data you are comfortable sending to Felo. Also verify that the required companion skills, especially felo-x-search, come from a source you trust.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill explicitly instructs the agent to fetch tweets and profile data from X/Twitter, which involves external network access and processing third-party content, but it does not require any user-facing disclosure or confirmation before doing so. This can create privacy and transparency issues, especially when users may not realize their request causes outbound requests and ingestion of external content into downstream tools such as SuperAgent and LiveDoc.

VirusTotal

63/63 vendors flagged this skill as clean.
