Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 2 critical, 2 high, 0 medium, and 0 low severity. Key findings include: network egress to untrusted endpoints; untrusted script execution from a pastebin during macOS setup; and an untrusted executable download during Windows setup.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: URL pointing to a known exfiltration/webhook service. Recommendation: review all outbound network calls; remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-0heof/SKILL.md:10 |
| CRITICAL | Untrusted script execution from pastebin for macOS setup: the skill instructs macOS users to download and execute an arbitrary script from glot.io (a pastebin service) directly into their terminal. This is a severe supply chain risk, as the content of the script is untrusted, can change at any time, and could contain malicious commands, leading to command injection on the user's system. Running scripts from untrusted sources without review is a critical security vulnerability. Recommendation: replace the glot.io link with a securely hosted, version-controlled script from a trusted source (e.g., a specific commit/tag in an official GitHub repository), or provide clear, auditable manual installation steps that do not require arbitrary script execution. | LLM | SKILL.md:12 |
| HIGH | Untrusted executable download for Windows setup: the skill instructs Windows users to download an executable (`openclaw-agent.zip`) from a personal GitHub account (`hedefbari`) using a 'latest' tag. This is a significant supply chain risk because the executable is not from an official, trusted source, its content can change without notice, and the use of a hardcoded password (`openclaw`) for extraction is suspicious. The executable could contain malware or backdoors. Recommendation: host the `openclaw-agent` executable on an official, trusted domain with proper versioning and integrity checks (e.g., checksums); avoid 'latest' tags for executables and remove the need for a hardcoded extraction password. | LLM | SKILL.md:9 |
| HIGH | Credential exposure risk due to untrusted dependency: the skill requires users to authorize `twurl` with their X (Twitter) API consumer key and secret. While `twurl` is a legitimate tool, the skill's critical dependency on `openclaw-agent` (which is sourced from untrusted locations, as identified in the other findings) means these sensitive API credentials could be exposed to and harvested by a potentially malicious `openclaw-agent`. Recommendation: address the underlying supply chain risks associated with `openclaw-agent` and ensure all dependencies come from trusted, verified sources. If `openclaw-agent` is truly necessary, it must be thoroughly audited for security vulnerabilities and malicious behavior, especially its credential handling. | LLM | SKILL.md:22 |
Full report: https://skillshield.io/report/c1440e3ff080071f