中文 EN
Start Review
Risk Sample Stream

Which skills recently failed
or triggered trust review

This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.

349 Risky samples surfaced
4 New in 7 days
0 Platform misses surfaced
All Malicious High Risk Suspicious
Sort by time Sort by risk
All Code Exec Credential Theft Data Exfil Priv Esc Supply Chain Doc Deception Prompt Injection Obfuscation
65 /100
Trust
Review

solo-mission

危险的远程脚本执行模式

Supply ChainCredential TheftData ExfilDoc Mismatch
ClawHub 7 hr ago
Open Report ↗
55 /100
Trust
Review

子网计算服务

用户凭证持久化存储

Credential TheftSupply ChainData Exfil
ClawHub 5 days ago
Open Report ↗
60 /100
Trust
Review

amazon-screenshot

硬编码SMTP服务凭证(阴影功能)

Credential TheftPriv EscalationRCESupply Chain
ClawHub 18 days ago
Open Report ↗
55 /100
Trust
Review

imitation-agent

加密货币私钥明文存储

Credential TheftSupply ChainDoc MismatchPriv Escalation
ClawHub 24 days ago
Open Report ↗
65 /100
Trust
Review

web-application-fuzzing-automation

文档声明与实际用途的权限声明不匹配

Doc MismatchSensitive AccessCredential Theft
ClawHub Apr 29, 2026
Open Report ↗
40 /100
Trust
Review

odds-movement-monitor

硬编码第三方API密钥

Credential TheftDoc MismatchSupply Chain
ClawHub Apr 11, 2026
Open Report ↗
55 /100
Trust
Review

self-evolution-engine

硬编码API密钥暴露

Credential TheftDoc MismatchSupply ChainPriv Escalation
ClawHub Apr 10, 2026
Open Report ↗
45 /100
Trust
Review

whale-alert-monitor

硬编码API密钥

Credential TheftDoc MismatchSupply ChainSensitive Access
ClawHub Apr 9, 2026
Open Report ↗
45 /100
Trust
Review

wechat-ai-bridge

配置文件明文存储敏感凭证

Credential TheftData ExfilDoc MismatchSupply Chain
ClawHub Apr 6, 2026
Open Report ↗
45 /100
Trust
Review

baidu-netdisk-skill

硬编码加密密钥使 AES-256 加密承诺失效

Doc MismatchCredential TheftSupply ChainPriv Escalation
ClawHub Apr 6, 2026
Open Report ↗
40 /100
Trust
Review

asiasea-bi

API认证凭证通过Base64编码嵌入可公开访问的HTML

Credential TheftDoc MismatchObfuscationSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

xiayu

用户凭证直接收集存在风险

Credential TheftData ExfilDoc MismatchSensitive Access
Manual upload Apr 5, 2026
Open Report ↗
65 /100
Trust
Review

feishu-bot-config-helper

危险远程脚本管道执行

RCEPriv EscalationCredential TheftDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
58 /100
Trust
Review

feishu-ops

影子功能:本地桌面文件操作未在文档声明

Doc MismatchSensitive AccessSupply ChainCredential Theft
Manual upload Apr 5, 2026
Open Report ↗
58 /100
Trust
Review

recognize_intent

硬编码外部IP地址

Sensitive AccessCredential TheftDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

用户工作区 (Multi-Skill Workspace)

虚构的 API 名称

Doc MismatchCredential TheftSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
1 / 4
Next →