Is anishtr4/x-trends safe?

https://github.com/openclaw/skills/tree/main/skills/anishtr4/x-trends

Overall score: 93 (SAFE)

x-trends is a straightforward, read-only CLI tool that scrapes public Twitter trending topics from getdaytrends.com using standard Node.js HTTP and HTML parsing libraries. The SKILL.md contains no prompt injection vectors, the code contains no data exfiltration paths, no lifecycle hooks, no hidden execution mechanisms, and all canary honeypot files remained intact post-installation. The only notable risks are the inherent trust placed in a third-party scraping domain whose responses are surfaced to the agent context, and a minor metadata version inconsistency.

Category Scores

Prompt Injection 97/100 · 30%
Data Exfiltration 91/100 · 25%
Code Execution 96/100 · 20%
Clone Behavior 88/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 88/100 · 5%

Findings (5)

LOW Outbound HTTPS request to third-party aggregator -7

index.js fetches HTML from https://getdaytrends.com on every invocation. While this is the skill's declared purpose, the returned content is parsed and surfaced to the agent. A compromised or adversarially controlled response from this domain could therefore inject content into the agent's context window.

LOW Browser User-Agent spoofing -2

The skill sends a Chrome browser User-Agent header when scraping getdaytrends.com to bypass bot-detection measures. This is standard scraping practice but constitutes minor deception toward the target server and could violate the site's ToS.

INFO Transitive dependency on undici via cheerio -4

[email protected] pulls in [email protected] as a dependency. undici has historically had CVEs. The current version appears unaffected by known critical vulnerabilities but should be monitored.

INFO Version metadata inconsistency -4

_meta.json declares version 1.2.1 while package.json declares 1.2.0. This suggests the registry metadata was bumped without a corresponding package.json update, indicating loose release discipline.

INFO Unrelated skill found in lock.json -2

.clawhub/lock.json references 'academic-research-hub' as an installed skill. This is likely leftover from the test environment's skill store and is unrelated to x-trends, but indicates the audit VM has other skills installed.