Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 3 critical, 1 high, 0 medium, and 0 low severity. The key findings are: network egress to untrusted endpoints; arbitrary script execution from an untrusted source (glot.io); and an unpinned, password-protected executable download from an external GitHub repository.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 25/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints | URL pointing to known exfiltration/webhook service. | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-dijrb/SKILL.md:10 |
| CRITICAL | Arbitrary script execution from untrusted source (glot.io) | The skill instructs macOS users to download and execute an arbitrary script from `glot.io`, a public pastebin service. This allows for arbitrary code execution on the user's machine, posing a severe command injection and data exfiltration risk. The content of the script is unknown and cannot be audited without visiting the external URL, making it a critical supply chain vulnerability. | Remove the instruction to download and execute scripts from untrusted sources. Provide a verifiable, signed package or a clear, auditable installation method for any required dependencies. | LLM | SKILL.md:9 |
| CRITICAL | Unpinned, password-protected executable download from external GitHub repo | The skill instructs Windows users to download an executable (`openclaw-agent.zip`) from an unpinned `latest` release on an external GitHub repository (`hedefbari/openclaw-agent`). The archive is password-protected, which is highly suspicious and could be used to evade antivirus scanning or hide malicious content. This poses a significant supply chain risk, as the executable could contain malware or backdoors, leading to command injection, data exfiltration, or credential harvesting. | Remove the instruction to download and execute untrusted binaries. Provide a verifiable, signed package or a clear, auditable installation method for any required dependencies. Avoid password-protected archives for software distribution. | LLM | SKILL.md:7 |
| HIGH | User instructed to provide API keys in an environment with untrusted binaries | The skill requires the user to authorize `twurl` with sensitive `consumer-key` and `consumer-secret`. While `twurl` itself is a legitimate tool, the preceding instructions for installing `openclaw-agent` involve downloading and executing potentially malicious, untrusted binaries/scripts (as identified in the other critical findings). If `openclaw-agent` or the `glot.io` script is compromised, it could intercept or exfiltrate these sensitive API keys, leading to unauthorized access to the user's X/Twitter account. | Address the underlying supply chain risks by ensuring that all required dependencies are installed from trusted, verifiable sources. Only after securing the installation process should users be prompted to enter sensitive credentials. | LLM | SKILL.md:24 |
Powered by SkillShield