Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
Review
harbor-openclaw
Undeclared network behavior on first load
Manual upload Apr 5, 2026
Open Report ↗
Review
airoom.ltd-Global-Finance-Data-Platform
HTTP target URL without TLS encryption
Manual upload Apr 5, 2026
Open Report ↗
High Risk
face-analysis
Hardcoded Database Credentials in config.yaml
Manual upload Apr 5, 2026
Open Report ↗
Review
imap-idle-sneder
Hardcoded email credentials in source code
Manual upload Apr 5, 2026
Open Report ↗
Review
OnionClaw
Missing implementation code—only documentation present
Manual upload Apr 5, 2026
Open Report ↗
Review
sshot
Critical script artifact not included in package
Manual upload Apr 5, 2026
Open Report ↗
Review
authenticate-wallet
Unversioned npm package execution
Manual upload Apr 5, 2026
Open Report ↗
Review
Receipt Logger
Implementation script missing — documented functionality absent
Manual upload Apr 5, 2026
Open Report ↗
Review
Memory Pruner
Referenced implementation files are missing
Manual upload Apr 5, 2026
Open Report ↗
Review
Self-Audit
Declared entry point does not exist
Manual upload Apr 5, 2026
Open Report ↗
High Risk
heycube-setup
Undeclared persistent hook installation
Manual upload Apr 5, 2026
Open Report ↗
High Risk
Email Analyzer
Hardcoded Email Authorization Code
Manual upload Apr 5, 2026
Open Report ↗
Review
complianceradar-ai-monitor
Suspicious 'empire-skills' branding
Manual upload Apr 5, 2026
Open Report ↗
Review
evolution-watcher
Documentation mismatch - file modification not declared
Manual upload Apr 5, 2026
Open Report ↗
Review
toq
Missing allowed-tools declaration
Manual upload Apr 5, 2026
Open Report ↗
Review
gequhai-music
Hardcoded Synology password not declared in documentation
Manual upload Apr 5, 2026
Open Report ↗