Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
High Risk
Setup Multi Gateway
硬编码API密钥
Manual upload Apr 5, 2026
Open Report ↗
Review
Awesome Pentest
文档声明与实际代码严重不符
Manual upload Apr 5, 2026
Open Report ↗
Review
ClawSentry
代码高度混淆难以审计
Manual upload Apr 5, 2026
Open Report ↗
Review
ekybot-connector
文档声明与实际能力严重不符
Manual upload Apr 5, 2026
Open Report ↗
Review
stremio-cli
文档与代码不一致
Manual upload Apr 5, 2026
Open Report ↗
High Risk
memolecard-auto
Cookie extraction and exfiltration to configurable external server
Manual upload Apr 5, 2026
Open Report ↗
Block
vnstock-env-setup
API keys sent to external server vnstocks.com
Manual upload Apr 5, 2026
Open Report ↗
High Risk
openclaw-backup
Missing implementation scripts
Manual upload Apr 5, 2026
Open Report ↗
High Risk
claw-ops-manager
Undeclared Shell Command Execution
Manual upload Apr 5, 2026
Open Report ↗
High Risk
hive-commander
Covert credential extraction from runtime environment
Manual upload Apr 5, 2026
Open Report ↗
Review
抖音视频无水印下载器
Undocumented third-party proxy API
Manual upload Apr 5, 2026
Open Report ↗
High Risk
gangtise-kb
Undeclared subprocess execution with missing binary
Manual upload Apr 5, 2026
Open Report ↗
Review
OnionClaw
Missing implementation code—only documentation present
Manual upload Apr 5, 2026
Open Report ↗
High Risk
heycube-setup
Undeclared persistent hook installation
Manual upload Apr 5, 2026
Open Report ↗
Review
gequhai-music
Hardcoded Synology password not declared in documentation
Manual upload Apr 5, 2026
Open Report ↗
Review
dygod-movies
Hardcoded NAS credentials in documentation
Manual upload Apr 5, 2026
Open Report ↗