This new feature can be great, especialy if you provide some free analytics about clicks, retweets count in the way bit.ly does (R.I.P. :D).
But you said : "we're trying to protect users against phishing and other malicious attacks" I'm wondering how you can do that : expand all urls and follow http redirections ? What if attackers are using meta redirectors, or javascript redirectors, or flash redirectors ? :) I wish you good luck !