Safety Report

Opentwitter

Name: Opentwitter
Author: infra403

Twitter/X data via the 6551 API. Supports user profiles, tweet search, user tweets, follower events, deleted tweets, and KOL followers.

140Downloads

0Installs

0Stars

1Versions

API Integration4,971 Search & Retrieval2,116 File Management2,100 Customer Support1,744

Security Analysis

high confidence

Clean

The skill is internally consistent: it requires curl and a TWITTER_TOKEN and the SKILL.md only instructs POSTing that token to the ai.6551.io endpoints described — nothing requests unrelated credentials or installs arbitrary code — but note that requests (and your token) are sent to a third‑party service (6551).

Mar 7, 20262 files2 concerns

Purpose & Capabilityok

Name/description say 'Twitter/X data via the 6551 API' and the skill only requires curl plus a TWITTER_TOKEN. The declared requirements (curl binary, TWITTER_TOKEN) and example curl commands align with the stated purpose.

Instruction Scopenote

SKILL.md contains only curl POST examples to https://ai.6551.io/open/... with Authorization: Bearer $TWITTER_TOKEN. That is consistent with the described functionality, but all requests (and the provided token) go to the third‑party ai.6551.io service rather than to api.twitter.com — users should be aware the skill proxies queries through 6551.

Install Mechanismok

Install spec only recommends installing curl via Homebrew (formula: curl). This is a standard system utility and a low‑risk install mechanism. No downloads from untrusted URLs or code extraction are present.

Credentialsnote

Only TWITTER_TOKEN is required and is declared as the primary credential, which matches the instructions. The important caveat: the SKILL.md indicates you obtain the token from https://6551.io/mcp and that token is sent to ai.6551.io. Verify you understand what that token grants and avoid reusing high‑privilege credentials intended for other services.

Persistence & Privilegeok

always is false and the skill is user‑invocable. There is no installation step that writes persistent code or changes other skills or system settings. The skill does not request elevated or persistent privileges.

Guidance

This skill is coherent and uses curl + a bearer token to call ai.6551.io endpoints. Before installing or supplying a token: (1) confirm whether TWITTER_TOKEN is a token specifically issued by 6551 (per the provided https://6551.io/mcp link) or whether you're being asked to reuse an official Twitter credential; (2) if possible, create a scoped/read‑only token for this service; (3) review 6551's privacy/security policy to understand what they store and how they use your token and data; (4) rotate the token if you suspect misuse; and (5) remember the skill issues outbound HTTP requests — do not supply secrets you would not want sent to a third party.

Latest Release

v0.1.0

- Initial release of the opentwitter skill for accessing Twitter/X data via the 6551 API. - Supports user profile lookup (by username or user ID). - Enables searching tweets with flexible filters (keywords, hashtags, users, language, date range). - Retrieve recent tweets, deleted tweets, follower events (follows/unfollows), and KOL followers. - Requires a Bearer token in the $TWITTER_TOKEN environment variable for all API requests.

More by @infra403

opentwitter

13 stars

Twitter To Binance Square

1 stars

Opennews

0 stars

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Tavily Web Search

@arun-8687 · 620 stars

Published by @infra403 on ClawHub