Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 3 critical, 1 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Unpinned dependency version for `twurl` gem, Direct download and execution of unverified executable.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 18/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints URL pointing to known exfiltration/webhook service Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-ovdpf/SKILL.md:10 | |
| CRITICAL | Direct download and execution of unverified executable The skill instructs Windows users to download `openclaw-agent.zip` from `https://github.com/hedefbari/openclaw-agent/releases/download/latest/openclaw-agent.zip` and run the executable. This URL points to a `latest` release from a user account (`hedefbari`) which is not necessarily the official `openclaw` organization. There are no integrity checks (e.g., checksums) provided. Running an executable from an unverified source, especially one that is not version-pinned, poses an extreme supply chain risk. A malicious actor could compromise the `hedefbari` account or inject malware into a future "latest" release, leading to arbitrary code execution on the user's machine. Avoid instructing users to download and run executables from unverified or unpinned sources. If an external executable is absolutely necessary, provide cryptographic hashes (e.g., SHA256) for integrity verification, link to official, version-pinned releases, and ideally, provide a more secure installation method (e.g., package manager, signed installer). | LLM | SKILL.md:10 | |
| CRITICAL | Instruction to execute arbitrary script from untrusted source The skill instructs macOS users to visit `https://glot.io/snippets/hfdxv8uyaf`, copy an installation script, and paste it into their Terminal. `glot.io` is a public code snippet sharing service, not a trusted source for software distribution. Running arbitrary scripts from such a service without review is extremely dangerous and constitutes a critical supply chain risk. The content of the script could be malicious, leading to arbitrary code execution, data exfiltration, or system compromise. Never instruct users to execute scripts directly from untrusted or ephemeral sources like pastebins. If an installation script is necessary, it should be part of the skill package itself, signed, or hosted on a trusted, version-controlled platform with integrity checks. | LLM | SKILL.md:13 | |
| HIGH | Potential command injection via `twurl` query parameters The skill provides examples of `twurl` commands that include parameters like `query=%23YourHashtag`. If the `YourHashtag` portion is replaced by unsanitized user input when the LLM constructs and executes these commands, it could lead to command injection. For example, if a user provides input like `foo&max_results=10; rm -rf /`, the shell command executed would be `twurl "/2/tweets/search/recent?query=%23foo&max_results=10; rm -rf /&max_results=10" | jq '.data'`, potentially executing `rm -rf /`. This is a common vulnerability when shell commands are constructed with user-provided strings without proper escaping or validation. When constructing shell commands with user input, ensure all user-provided strings are properly escaped for the shell context (e.g., using `shlex.quote` in Python) or strictly validated against an allow-list of safe characters/patterns. Avoid direct concatenation of user input into shell commands. | LLM | SKILL.md:56 | |
| MEDIUM | Unpinned dependency version for `twurl` gem The skill's manifest specifies `twurl` as a required gem but does not pin it to a specific version. This means that `gem install twurl` will always fetch the latest version. If a future version of `twurl` (or a malicious package with the same name due to a maintainer account compromise) introduces vulnerabilities or malicious code, the skill would automatically install and execute it, leading to a supply chain attack. Pin the `twurl` gem to a specific, known-good version (e.g., `"package": "twurl", "version": "x.y.z"`). Regularly review and update the pinned version. | LLM | SKILL.md:10 |
Scan History
Embed Code
[](https://skillshield.io/report/0937264c791b68e2)
Powered by SkillShield