Trust Assessment
x-trends received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 3 findings: 0 critical, 0 high, 2 medium, and 1 low severity. Key findings include Unpinned npm dependency version, Skill output can be manipulated by external website content to inject prompts., Dependencies are not strictly pinned, allowing minor/patch updates..
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Unpinned npm dependency version Dependency 'chalk' is not pinned to an exact version ('^5.3.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/anishtr4/x-trends-dev/package.json | |
| MEDIUM | Skill output can be manipulated by external website content to inject prompts. The skill fetches trending topics from `https://getdaytrends.com/` and outputs the `name` and `volume` of these trends directly to the console, either as a formatted string or JSON. If the external website is compromised or serves malicious content, it could inject LLM-specific instructions into the trend names or volumes. These instructions would then be passed to the host LLM when it consumes the skill's output, potentially leading to prompt injection. Implement output sanitization for LLM-specific keywords or patterns before displaying or returning data. Consider using an allowlist for characters or encoding output to prevent interpretation as instructions by the LLM. | LLM | index.js:90 | |
| LOW | Dependencies are not strictly pinned, allowing minor/patch updates. The `package.json` file specifies dependencies using caret (`^`) ranges (e.g., `"cheerio": "^1.0.0"`). This allows npm to install any compatible minor or patch version, rather than a specific exact version. While common, this practice can introduce supply chain risks if a new vulnerability is discovered in a compatible version or if a dependency releases a malicious update. Pin dependencies to exact versions (e.g., `"cheerio": "1.0.0"`) to ensure deterministic builds and prevent unexpected updates. Regularly audit and update dependencies. | LLM | package.json:15 |
Scan History
Embed Code
[](https://skillshield.io/report/7c172846102a91e4)
Powered by SkillShield