Risk Sample Stream

Which skills recently failed
or triggered trust review

This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.

349 Risky samples surfaced

4 New in 7 days

0 Platform misses surfaced

All Code Exec Credential Theft Data Exfil Priv Esc Supply Chain Doc Deception Prompt Injection Obfuscation

55 /100

Trust

Review

security-defense-line

Hardcoded API Key in Source Code

Credential TheftDoc MismatchSupply Chain

Manual upload Apr 4, 2026

Open Report ↗

55 /100

Trust

Review

rewrite_question

Network capability declared as NONE but actual traffic exists

Doc MismatchCredential TheftData ExfilPriv Escalation

Manual upload Apr 4, 2026

Open Report ↗

52 /100

Trust

Review

sql_audit

Hardcoded JWT token in source code

Credential TheftDoc MismatchPriv Escalation

Manual upload Apr 4, 2026

Open Report ↗

55 /100

Trust

Review

hostlink

No allowed-tools declaration despite full shell access

Doc MismatchPriv EscalationCredential TheftSensitive Access

Manual upload Apr 4, 2026

Open Report ↗

55 /100

Trust

Review

Bitget Trader

Exposed API Credentials in Plaintext

Credential TheftDoc MismatchPriv EscalationSupply Chain

Manual upload Apr 4, 2026

Open Report ↗

52 /100

Trust

Review

figma-agent

Undeclared scanning of Claude Code credential store

Credential TheftDoc MismatchSensitive Access

Manual upload Apr 3, 2026

Open Report ↗

45 /100

Trust

Review

dex-arbitrage

Undeclared mandatory payment/billing system

Doc MismatchCredential TheftData Exfil

Manual upload Apr 3, 2026

Open Report ↗

← Previous

4 / 4

Which skills recently failedor triggered trust review

security-defense-line

rewrite_question

sql_audit

hostlink

Bitget Trader

figma-agent

dex-arbitrage

Which skills recently failed
or triggered trust review