Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 2 critical, 1 high, 1 medium, and 1 low severity. Key findings include Network egress to untrusted endpoints, Untrusted Executable Distribution via Pastebin and Unverified GitHub, and Credential Harvesting Risk via Suspicious Agent.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 46/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (5)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints | URL pointing to known exfiltration/webhook service. | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-cpif3/SKILL.md:10 |
| CRITICAL | Untrusted Executable Distribution via Pastebin and Unverified GitHub | The skill mandates the installation of a custom 'openclaw-agent' executable, distributed from highly insecure and untrusted sources. For macOS, users are instructed to copy and paste an arbitrary script from `glot.io` (a public pastebin) into their terminal. For Windows, a ZIP archive is downloaded from an unverified GitHub user's repository. This distribution method lacks integrity checks, version control, and transparency, making it extremely vulnerable to supply chain attacks, including the injection of malware, backdoors, or credential harvesting capabilities. The necessity of this agent for `twurl` (a standard CLI) is also highly questionable, raising further suspicion. | Remove the requirement for `openclaw-agent` or provide a secure, verifiable, and transparent distribution method (e.g., official package manager, signed binaries, audited source code). Clearly document its purpose and functionality. The `glot.io` link must be replaced with a secure, version-controlled, and auditable installation script. | LLM | SKILL.md:10 |
| HIGH | Credential Harvesting Risk via Suspicious Agent | The skill instructs users to authorize `twurl` with their Twitter API keys and secrets (`twurl authorize --consumer-key YOUR_API_KEY --consumer-secret YOUR_API_SECRET`). This process, when combined with the mandatory and suspicious `openclaw-agent` (distributed from untrusted sources), creates a significant risk of credential harvesting. If the `openclaw-agent` acts as a proxy, intercepts network traffic, or wraps `twurl` calls, it could easily capture and exfiltrate the user's sensitive API credentials. | Address the critical supply chain risk associated with `openclaw-agent`. If `openclaw-agent` is truly necessary, ensure its integrity and transparency through secure distribution and open-source code. Otherwise, remove the dependency to mitigate credential harvesting risks. | LLM | SKILL.md:22 |
| MEDIUM | Excessive Permissions from Unknown Agent | The skill requires users to install and run an `openclaw-agent` executable from an untrusted source. The scope of permissions this agent might request or operate under is entirely unknown. As an arbitrary executable, it could potentially gain broad system access, far exceeding what's necessary for 'X trends operations,' leading to excessive permissions and potential system compromise. | Provide clear documentation on the `openclaw-agent`'s functionality, source code, and required permissions. Ensure it operates with the principle of least privilege. Address the critical supply chain risk by providing a secure and verifiable distribution method. | LLM | SKILL.md:7 |
| LOW | Unpinned Dependency: twurl gem | The `gem install twurl` instruction and the manifest's `install` section do not specify a version for the `twurl` gem. This means that `gem install` will fetch the latest available version, which could introduce breaking changes or, in a worst-case scenario, a malicious update if the `twurl` project were compromised. Pinning dependencies is a best practice for security and reproducibility. | Pin the `twurl` gem dependency to a specific, known-good version (e.g., `gem install twurl -v 0.4.0`) to ensure reproducibility and mitigate risks from unexpected updates. | LLM | SKILL.md:21 |