Model Context Protocol moderate risk

Twikit

MCP-Twikit provides access to Twitter's search and timeline features, enabling sentiment analysis and real-time monitoring, but requires careful credential management.

Connections & Capabilities

Connects To

GitHub

Capabilities

read

Quickstart

Install

npx -y @smithery/cli install mcp-twikit --client claude

Config

{
    "mcpServer": {
        "command": "uvx",
        "args": ["--from", "git+https://github.com/adhikasp/mcp-twikit", "mcp-twikit"],
        "env": {
            "TWITTER_USERNAME": "@example",
            "TWITTER_EMAIL": "me@example.com",
            "TWITTER_PASSWORD": "secret",
        }
    }
}

Exposed MCP Tools (2)

safe

search_twitter

Searches Twitter for tweets matching a given query.

Read-only operation; retrieves data without modifying anything.

safe

get_timeline

Retrieves tweets from the user's Twitter timeline.

Read-only operation; retrieves data without modifying anything.

Safety Assessment

MCP-Twikit is relatively safe for read-only operations on Twitter data. However, the risk of storing credentials as environment variables makes it crucial to secure the environment. It is risky if the environment is not properly secured, potentially leading to credential compromise and unauthorized access to the user's Twitter account.

Read-only access to Twitter data via `search_twitter` and `get_timeline`
Does not inherently modify Twitter data
Limited scope to Twitter search and timeline retrieval
Requires user authentication, preventing anonymous access

Requires storing Twitter credentials (username, email, password) as environment variables
Potential for credential compromise if environment is not secured
No built-in rate limiting, potentially leading to API usage limits or account restrictions
No sandboxing to prevent unintended access to other system resources
If credentials are leaked, an attacker could access the user's Twitter account