Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
Review
gpt-image-2
未声明的外部网络通信
ClawHub Apr 22, 2026
Open Report ↗
Review
auto-skill-hunter
权限声明与实际能力严重不符
ClawHub Apr 19, 2026
Open Report ↗
Review
E-SafeNet (suspected from encoded content)
SKILL.md 包含异常编码内容
ClawHub Apr 12, 2026
Open Report ↗
Review
wip-readme-format
未声明的文件系统写入权限
ClawHub Apr 6, 2026
Open Report ↗
Review
115-skills
User-Agent包含可疑硬编码IP
ClawHub Apr 6, 2026
Open Report ↗
Review
asiasea-bi
API认证凭证通过Base64编码嵌入可公开访问的HTML
Manual upload Apr 5, 2026
Open Report ↗
Review
ClawSentry
代码高度混淆难以审计
Manual upload Apr 5, 2026
Open Report ↗
Review
gequhai-music
Hardcoded Synology password not declared in documentation
Manual upload Apr 5, 2026
Open Report ↗
Review
turing-pot-biglog
Undeclared base64 encoding of WebSocket messages
Manual upload Apr 4, 2026
Open Report ↗
Review
castreader
Undeclared network requests to external API
Manual upload Apr 4, 2026
Open Report ↗
Review
openclaw-usage-manager
API tokens stored in plaintext on disk
Manual upload Apr 4, 2026
Open Report ↗
Review
feishu-evolver-wrapper
Dynamic code evaluation on untrusted input
Manual upload Apr 4, 2026
Open Report ↗