Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 3 critical, 1 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Untrusted Executable Download and Execution (Windows), Arbitrary Script Execution from Untrusted Source (macOS).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 25/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Description | Remediation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints | URL pointing to known exfiltration/webhook service. | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-qpaoo/SKILL.md:10 |
| CRITICAL | Untrusted Executable Download and Execution (Windows) | The skill instructs users to download and run an executable (`openclaw-agent.zip`) from an unverified GitHub user (`hedefbari`) for Windows. This executable is a black box and could contain malicious code, leading to system compromise, data exfiltration, or other severe security breaches. The use of a password for extraction does not mitigate this risk. | Remove instructions to download and execute binaries from untrusted or unverified sources. Provide source code for `openclaw-agent` for review, or package it as a trusted dependency within the skill's ecosystem with proper security vetting. If `openclaw-agent` is critical, it must be provided by a trusted entity and its integrity must be verifiable. | LLM | SKILL.md:9 |
| CRITICAL | Arbitrary Script Execution from Untrusted Source (macOS) | The skill instructs macOS users to visit `glot.io` (a pastebin-like service), copy an installation script, and paste it directly into their terminal. This is an extremely dangerous practice: the content of the script is entirely untrusted, can change at any time, and can execute arbitrary commands on the user's system, leading to full system compromise, data exfiltration, or installation of malware. | Remove instructions for users to copy and paste arbitrary scripts from untrusted sources like `glot.io`. Any necessary installation steps should be provided as part of the skill package, through trusted package managers, or with verifiable source code. | LLM | SKILL.md:12 |
| HIGH | Credential Exposure via Untrusted Dependency | The skill requires users to authorize `twurl` with sensitive X/Twitter API credentials (`consumer-key`, `consumer-secret`). While `twurl` itself is a legitimate tool, the skill explicitly states that `openclaw-agent` (identified as a critical supply chain risk) "must be running" for `twurl` operations to function. This creates a high risk that the untrusted `openclaw-agent` could intercept, log, or exfiltrate these sensitive API credentials. | Address the underlying supply chain risks associated with `openclaw-agent`. Ensure that any required helper applications are open-source, verifiable, and do not pose a risk to user credentials. If `openclaw-agent` is truly necessary, its functionality related to `twurl` should be transparent and secure, or the skill should use a more secure method for API authentication that does not rely on a potentially malicious intermediary. | LLM | SKILL.md:22 |
Powered by SkillShield