中文 EN
Start Review
Risk Sample Stream

Which skills recently failed
or triggered trust review

This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.

349 Risky samples surfaced
4 New in 7 days
0 Platform misses surfaced
All Malicious High Risk Suspicious
Sort by time Sort by risk
All Code Exec Credential Theft Data Exfil Priv Esc Supply Chain Doc Deception Prompt Injection Obfuscation
65 /100
Trust
Review

solo-mission

危险的远程脚本执行模式

Supply ChainCredential TheftData ExfilDoc Mismatch
ClawHub 8 hr ago
Open Report ↗
55 /100
Trust
Review

子网计算服务

用户凭证持久化存储

Credential TheftSupply ChainData Exfil
ClawHub 5 days ago
Open Report ↗
60 /100
Trust
Review

amazon-screenshot

硬编码SMTP服务凭证(阴影功能)

Credential TheftPriv EscalationRCESupply Chain
ClawHub 18 days ago
Open Report ↗
55 /100
Trust
Review

imitation-agent

加密货币私钥明文存储

Credential TheftSupply ChainDoc MismatchPriv Escalation
ClawHub 24 days ago
Open Report ↗
65 /100
Trust
Review

web-application-fuzzing-automation

文档声明与实际用途的权限声明不匹配

Doc MismatchSensitive AccessCredential Theft
ClawHub Apr 29, 2026
Open Report ↗
25 /100
Trust
High Risk

ludwitt-university

updateInstructions 远程代码执行通道

RCEDoc MismatchPersistenceCredential Theft
ClawHub Apr 12, 2026
Open Report ↗
40 /100
Trust
Review

odds-movement-monitor

硬编码第三方API密钥

Credential TheftDoc MismatchSupply Chain
ClawHub Apr 11, 2026
Open Report ↗
32 /100
Trust
High Risk

birth-system-manager

文档承诺不显示私钥但代码明文输出

Doc MismatchCredential TheftSupply ChainSensitive Access
ClawHub Apr 10, 2026
Open Report ↗
45 /100
Trust
Review

whale-alert-monitor

硬编码API密钥

Credential TheftDoc MismatchSupply ChainSensitive Access
ClawHub Apr 9, 2026
Open Report ↗
45 /100
Trust
Review

wechat-ai-bridge

配置文件明文存储敏感凭证

Credential TheftData ExfilDoc MismatchSupply Chain
ClawHub Apr 6, 2026
Open Report ↗
45 /100
Trust
Review

baidu-netdisk-skill

硬编码加密密钥使 AES-256 加密承诺失效

Doc MismatchCredential TheftSupply ChainPriv Escalation
ClawHub Apr 6, 2026
Open Report ↗
15 /100
Trust
Block

luci-memory

API密钥在初始化时即被外传至硬编码外部IP

Credential TheftData ExfilObfuscationDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
35 /100
Trust
High Risk

MiniMax TTS

硬编码 API 密钥暴露

Credential TheftDoc MismatchSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
40 /100
Trust
Review

asiasea-bi

API认证凭证通过Base64编码嵌入可公开访问的HTML

Credential TheftDoc MismatchObfuscationSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

xiayu

用户凭证直接收集存在风险

Credential TheftData ExfilDoc MismatchSensitive Access
Manual upload Apr 5, 2026
Open Report ↗
65 /100
Trust
Review

feishu-bot-config-helper

危险远程脚本管道执行

RCEPriv EscalationCredential TheftDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
1 / 6
Next →