Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 2 critical, 1 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Untrusted Agent Distribution via Public Snippet Site, Unpinned Agent Download from Personal GitHub.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Network egress to untrusted endpoints.** URL pointing to known exfiltration/webhook service. Remediation: review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-qylxo/SKILL.md:10 |
| CRITICAL | **Untrusted Agent Distribution via Public Snippet Site.** The skill explicitly requires 'openclaw-agent' for core functionality. For macOS users, the installation instructions direct them to download and execute a script from `glot.io` (https://glot.io/snippets/hfdxv8uyaf), a public code snippet sharing service. Running arbitrary code from such an untrusted and unverified source poses a severe supply chain risk, as the content of the script is unknown and could be malicious. This could lead to command injection, data exfiltration, or system compromise. Remediation: replace the `glot.io` link with a link to a trusted, version-controlled, and auditable source for the `openclaw-agent` installation script (e.g., a specific versioned file in a dedicated GitHub repository). Ideally, provide a secure installation method (e.g., package manager, signed installer). | LLM | SKILL.md:10 |
| HIGH | **Unpinned Agent Download from Personal GitHub.** The skill explicitly requires 'openclaw-agent' for core functionality. For Windows users, the installation instructions direct them to download a ZIP file from a personal GitHub account (`hedefbari/openclaw-agent`) using a `latest` tag. This means the downloaded executable is unpinned and could change without notice. While GitHub is generally trusted, downloading executables from personal accounts without specific version pinning introduces a supply chain risk, as the 'latest' version could be updated with malicious code. Remediation: pin the `openclaw-agent` download to a specific, immutable version (e.g., a specific release tag or commit hash). Consider hosting the agent in a more official and auditable repository. | LLM | SKILL.md:7 |
| MEDIUM | **API Key Exposure in Setup Instructions.** The setup instructions advise users to authorize `twurl` by directly embedding `YOUR_API_KEY` and `YOUR_API_SECRET` into a shell command. While this is a common way to instruct users, it is generally not best practice to show API keys directly in command-line arguments, as they can be exposed in shell history, process lists, or logs, potentially leading to unauthorized access if the system is compromised. Remediation: advise users to use environment variables (e.g., `TWURL_CONSUMER_KEY`, `TWURL_CONSUMER_SECRET`) or an interactive authorization flow if `twurl` supports it, rather than directly embedding sensitive credentials in the command line. Add a warning about the risks of exposing API keys. | LLM | SKILL.md:20 |
Powered by SkillShield