Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. The key findings are network egress to untrusted endpoints, reliance on untrusted external binaries and scripts, and direct exposure of API keys in command-line instructions.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (3)
| Severity | Finding | Details | Recommended Remediation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints | URL pointing to a known exfiltration/webhook service. | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-kujtp/SKILL.md:10 |
| CRITICAL | Reliance on untrusted external binaries and scripts | The skill instructs users to download and execute an arbitrary binary (`openclaw-agent.zip`) from an untrusted GitHub user ('hedefbari') and to run a script from an external snippet hosting service (`glot.io`). This introduces a severe supply chain risk, as these external resources could contain malicious code, leading to arbitrary code execution, data exfiltration, or system compromise. The provided password for the zip file ('openclaw') is also suspicious. | Remove reliance on external, untrusted binaries and scripts. If external tools are necessary, provide verifiable, trusted installation methods (e.g., official package managers, signed binaries from reputable sources) or integrate the required functionality directly into the skill in a transparent manner. Avoid instructing users to download executables from arbitrary URLs or run scripts from snippet sites. | LLM | SKILL.md:7 |
| HIGH | Direct exposure of API keys in command-line instructions | The skill instructs users to pass sensitive Twitter API consumer keys and secrets directly as command-line arguments (`twurl authorize --consumer-key YOUR_API_KEY --consumer-secret YOUR_API_SECRET`). While `twurl` is designed to handle these, exposing credentials in shell history, process listings, or logs can lead to their compromise. This also presents a potential prompt injection vector if the LLM were instructed to fill these placeholders with actual credentials. | Advise users to use more secure methods for handling API keys, such as environment variables, a dedicated credential manager, or configuration files with restricted permissions, rather than direct command-line input. Provide instructions on how to configure `twurl` using these safer methods. | LLM | SKILL.md:21 |
Full report: https://skillshield.io/report/a3f4462f8ff81029