Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
High Risk
ludwitt-university
updateInstructions 远程代码执行通道
ClawHub Apr 12, 2026
Open Report ↗
High Risk
birth-system-manager
文档承诺不显示私钥但代码明文输出
ClawHub Apr 10, 2026
Open Report ↗
High Risk
MiniMax TTS
硬编码 API 密钥暴露
Manual upload Apr 5, 2026
Open Report ↗
High Risk
混合工作空间
大量硬编码阿里云API密钥
Manual upload Apr 5, 2026
Open Report ↗
High Risk
Setup Multi Gateway
硬编码API密钥
Manual upload Apr 5, 2026
Open Report ↗
High Risk
Bitget Trader
SKILL.md嵌入了真实API凭证
Manual upload Apr 5, 2026
Open Report ↗
High Risk
grok-swarm
未声明的shell执行功能
Manual upload Apr 5, 2026
Open Report ↗
High Risk
memolecard-auto
Browser session cookies exfiltrated to arbitrary URL
Manual upload Apr 5, 2026
Open Report ↗
High Risk
hive-commander
Covert credential extraction from runtime environment
Manual upload Apr 5, 2026
Open Report ↗
High Risk
face-analysis
Hardcoded Database Credentials in config.yaml
Manual upload Apr 5, 2026
Open Report ↗
High Risk
Email Analyzer
Hardcoded Email Authorization Code
Manual upload Apr 5, 2026
Open Report ↗
High Risk
boss-ai-assistant
Hardcoded DashScope API Key
Manual upload Apr 4, 2026
Open Report ↗
High Risk
LLM Proxy
Critical content-blocking disabled — credential exfiltration not prevented
Manual upload Apr 4, 2026
Open Report ↗
High Risk
monid
Remote script execution via curl|bash from mutable branch
Manual upload Apr 4, 2026
Open Report ↗
High Risk
moodle-connector
Hardcoded default password in MCP server bypasses security requirement
Manual upload Apr 4, 2026
Open Report ↗
High Risk
uplo-defense
Unpinned npm package execution via npx -y
Manual upload Apr 4, 2026
Open Report ↗