Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
Review
solo-mission
危险的远程脚本执行模式
ClawHub 9 hr ago
Open Report ↗
Review
子网计算服务
用户凭证持久化存储
ClawHub 5 days ago
Open Report ↗
Review
ai-redaction-beta
文件数据发送到外部API
ClawHub 7 days ago
Open Report ↗
Review
辛一金虹桥店7天排产预测
用户文件上传至外部服务器未声明
ClawHub 13 days ago
Open Report ↗
Review
code-right
文档声称的核心功能完全未在本地实现
ClawHub 17 days ago
Open Report ↗
Review
asoul-support
通过 subprocess 调用外部工具(未声明权限)
ClawHub Apr 23, 2026
Open Report ↗
Review
gpt-image-2
未声明的外部网络通信
ClawHub Apr 22, 2026
Open Report ↗
Review
a2a-article-services
硬编码外部 IP 地址
ClawHub Apr 11, 2026
Open Report ↗
Review
dating
ManoBrowser 脚本连接外部数据采集服务端点
ClawHub Apr 10, 2026
Open Report ↗
Review
stocktoday-mcp
凭证及查询数据发往未知第三方服务器
ClawHub Apr 6, 2026
Open Report ↗
Review
introspection-debugger
Webhook 通知机制发送完整错误报告到外部端点
ClawHub Apr 6, 2026
Open Report ↗
Review
wechat-ai-bridge
配置文件明文存储敏感凭证
ClawHub Apr 6, 2026
Open Report ↗
Review
ctct-security-patrol
持久化设备指纹形成长期追踪能力
Manual upload Apr 5, 2026
Open Report ↗
Review
NIST CSF Mapper
强制外部API数据传输企业敏感信息
Manual upload Apr 5, 2026
Open Report ↗
Review
tesla-cn
所有 API 流量经第三方代理中转
Manual upload Apr 5, 2026
Open Report ↗
Review
xiayu
用户凭证直接收集存在风险
Manual upload Apr 5, 2026
Open Report ↗