Bottom line, don’t do it, and if you do, assume you are already exposed and act upon it.
You are assuming:
-Tor is 100% secure, even though in the past FBI did infiltrate it with rouge node/exit nodes
-Linux is automatically secure, while it might be better than windows, but the attack vector can still happen, from a non-core package installed (say photo viewer) to a hardware backdoor like the ones in intel CPUs (look for IME)
-Trusting mullvad, while they have a clean reputation so far, but you still have to trust them, there’s no zero-trust policy
-Using Tor+vpn defeats the purpose of tor btw, regardless of the order.
-How you plan to not provide any personal when you are using a phone number, and connected to the internet. Phone number can be used to access you, from zero-day exploits that doesn’t require you to click any link, to geo-locate you just by being connected to the cellular operator. Also as long as you are using the internet, you have a fingerprint that identifies you, even if you are disabling javascript in the browser, which I don’t think Twitter works without it but I didn’t try.
I remember reading in here a while ago about a Chinese dissent who happen to have long cybersec experience, yet eventually got caught by the government, can’t find the story maybe someone can help.
Edit: I also assume you won’t have “twitter blue” aka pay for twitter subscription, or it’s a quick check mate. And if you don’t pay, your tweets will not have the same impact as the ones tweeted from a paid account.
Bottom line again: Twitter isn’t meant for such activities, plan to have a plan B (and C and D too) whenever someone put enough resources to expose your identity.
Good luck :)
Wrong, also you can use a one-time verification service like 5sim, smspva, etc. or rent a virtual number
