Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
High Risk
tweet-monitor-pro
文档声称零依赖但实际存在外部脚本依赖
ClawHub Apr 19, 2026
Open Report ↗
High Risk
ludwitt-university
updateInstructions 远程代码执行通道
ClawHub Apr 12, 2026
Open Report ↗
High Risk
Setup Multi Gateway
硬编码API密钥
Manual upload Apr 5, 2026
Open Report ↗
High Risk
memolecard-auto
Cookie extraction and exfiltration to configurable external server
Manual upload Apr 5, 2026
Open Report ↗
High Risk
openclaw-backup
Missing implementation scripts
Manual upload Apr 5, 2026
Open Report ↗
High Risk
claw-ops-manager
Undeclared Shell Command Execution
Manual upload Apr 5, 2026
Open Report ↗
High Risk
hive-commander
Covert credential extraction from runtime environment
Manual upload Apr 5, 2026
Open Report ↗
High Risk
gangtise-kb
Undeclared subprocess execution with missing binary
Manual upload Apr 5, 2026
Open Report ↗
High Risk
heycube-setup
Undeclared persistent hook installation
Manual upload Apr 5, 2026
Open Report ↗
High Risk
monid
Remote script execution via curl|bash from mutable branch
Manual upload Apr 4, 2026
Open Report ↗
High Risk
elevated-task-runner
Arbitrary PowerShell Command Execution
Manual upload Apr 4, 2026
Open Report ↗
High Risk
token-sop
Automatic workflow contribution enabled by default
Manual upload Apr 4, 2026
Open Report ↗
High Risk
mind-wander
Undeclared arbitrary Python code execution via sandbox_run()
Manual upload Apr 4, 2026
Open Report ↗
High Risk
Enterprise Security
Undeclared shell execution via execSync
Manual upload Apr 4, 2026
Open Report ↗
High Risk
moltspay_skill
Untrusted third-party npm package installed without pinning
Manual upload Apr 4, 2026
Open Report ↗
High Risk
minimal-agent
Unrestricted Arbitrary Command Execution via V1 Mode
Manual upload Apr 4, 2026
Open Report ↗