Trust Assessment
x-trends received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 2 critical, 2 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Untrusted Executable Download (Windows), Arbitrary Script Execution from Untrusted Source (macOS).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (4)

| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints | URL pointing to a known exfiltration/webhook service. | Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/x-trends-rjmtk/SKILL.md:10 |
| CRITICAL | Arbitrary Script Execution from Untrusted Source (macOS) | The skill instructs users to copy and paste an installation script from `glot.io` (a public code snippet sharing service) into their terminal. This is an extremely dangerous practice, as the content of the script is not controlled, verified, or guaranteed to be safe. A malicious actor could modify the script at any time, leading to arbitrary command execution on the user's system. | Remove instructions to execute scripts from untrusted, dynamic sources like `glot.io`. Provide a secure, verifiable installation method, such as a signed package, an official repository, or a script hosted on a trusted domain with content review. | LLM | SKILL.md:11 |
| HIGH | Untrusted Executable Download (Windows) | The skill instructs users to download and run an executable (`openclaw-agent.zip`) from a non-official GitHub user (`hedefbari`) and extract it with a password. This poses a significant supply chain risk, as the executable's integrity and origin cannot be fully trusted, potentially leading to the execution of malicious code. | Provide a verified, official source for `openclaw-agent` or integrate it directly into the skill's dependency management system. Avoid instructing users to download and run executables from arbitrary URLs, especially with hardcoded passwords. | LLM | SKILL.md:8 |
| HIGH | Potential Command Injection via Shell Command Examples | The skill provides numerous examples of shell commands involving `twurl` and `jq`. If the host LLM constructs these commands by directly interpolating untrusted user input (e.g., for the `YourHashtag` or `id` parameters) without proper sanitization or escaping, it could lead to command injection. An attacker could craft input that breaks out of the intended command structure and executes arbitrary shell commands. | When constructing shell commands based on user input, ensure all untrusted input is rigorously sanitized and properly escaped for the shell environment. Consider using a dedicated library or framework for safe command execution that handles argument separation and escaping automatically, rather than string concatenation. | LLM | SKILL.md:45 |
Full report: https://skillshield.io/report/9d853cb927b76a06