Back to skill

Security audit

X Trends

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward CLI that fetches public X trend data from getdaytrends.com and prints it locally.

Reasonable to install if you are comfortable with a CLI contacting getdaytrends.com and trusting its npm dependencies. Treat trend names and links as untrusted public web data, especially if piping JSON output into another tool.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Unpinned Dependencies

Low
Category
Supply Chain
Content
"start": "node index.js"
  },
  "dependencies": {
    "chalk": "^5.3.0",
    "cheerio": "^1.0.0",
    "commander": "^12.0.0",
    "ora": "^8.0.0"
Confidence
40% confidence
Finding
"chalk": "^5.3.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
},
  "dependencies": {
    "chalk": "^5.3.0",
    "cheerio": "^1.0.0",
    "commander": "^12.0.0",
    "ora": "^8.0.0"
  },
Confidence
40% confidence
Finding
"cheerio": "^1.0.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"dependencies": {
    "chalk": "^5.3.0",
    "cheerio": "^1.0.0",
    "commander": "^12.0.0",
    "ora": "^8.0.0"
  },
  "author": "Ani",
Confidence
40% confidence
Finding
"commander": "^12.0.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"chalk": "^5.3.0",
    "cheerio": "^1.0.0",
    "commander": "^12.0.0",
    "ora": "^8.0.0"
  },
  "author": "Ani",
  "license": "MIT"
Confidence
40% confidence
Finding
"ora": "^8.0.0"

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.