Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 3 critical, 1 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Untrusted executable download and execution (Windows), Untrusted script execution from pastebin (macOS).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 25/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)

| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: URL pointing to a known exfiltration/webhook service. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-orwhp/SKILL.md:10 |
| CRITICAL | Untrusted executable download and execution (Windows): The skill instructs users to download and run an executable named 'openclaw-agent.zip' from a suspicious GitHub repository ('hedefbari/openclaw-agent'). The repository owner 'hedefbari' does not align with the 'openclaw' ecosystem, suggesting a potential typosquatting attempt or a malicious fork. Running executables from untrusted sources can lead to arbitrary code execution, system compromise, data exfiltration, and credential harvesting. Remove instructions to download and execute binaries from untrusted or unverified sources. If 'openclaw-agent' is a legitimate dependency, ensure it is sourced from the official 'openclaw' repository or a trusted, verified distribution channel. Implement secure installation methods that do not rely on direct execution of untrusted binaries. | LLM | SKILL.md:10 |
| CRITICAL | Untrusted script execution from pastebin (macOS): The skill instructs users to visit an external pastebin-like service (glot.io), copy an installation script, and paste it into their terminal. Executing arbitrary scripts from untrusted sources like glot.io poses a severe security risk, allowing for arbitrary code execution, system compromise, data exfiltration, and credential harvesting. The content of such scripts can change at any time without notice. Remove instructions to execute scripts from untrusted or unverified sources. If an installation script is necessary, it should be included directly within the skill package, signed, or sourced from a trusted and verifiable domain with integrity checks. | LLM | SKILL.md:13 |
| HIGH | Credential exposure risk due to untrusted agent: The skill instructs users to authorize 'twurl' with their X/Twitter consumer key and secret. While 'twurl' itself is a legitimate tool for Twitter API access, the preceding instructions to install and run a potentially malicious 'openclaw-agent' (from a suspicious source on Windows and via an untrusted script on macOS) create a high risk. If the 'openclaw-agent' is compromised, it could intercept or exfiltrate the sensitive API keys and secrets provided during the authorization step. Address the underlying supply chain risks associated with the 'openclaw-agent' installation. Ensure that all dependencies are sourced from trusted repositories and installed securely. Without a trusted 'openclaw-agent', users' API credentials remain at high risk of compromise. | LLM | SKILL.md:24 |