Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
Review
solo-mission
危险的远程脚本执行模式
ClawHub 7 hr ago
Open Report ↗
Review
子网计算服务
用户凭证持久化存储
ClawHub 5 days ago
Open Report ↗
Review
ai-redaction-beta
文件数据发送到外部API
ClawHub 7 days ago
Open Report ↗
Review
browser-act
无法验证文档-行为一致性
ClawHub 12 days ago
Open Report ↗
Review
辛一金虹桥店7天排产预测
用户文件上传至外部服务器未声明
ClawHub 13 days ago
Open Report ↗
Review
grid-trading-pro
文档描述的通知功能未实现
ClawHub 13 days ago
Open Report ↗
Review
amazon-screenshot
硬编码SMTP服务凭证(阴影功能)
ClawHub 18 days ago
Open Report ↗
Review
maxhub-lemon8
硬编码IP地址规避域名透明度
ClawHub 22 days ago
Open Report ↗
Review
x-tweet-fetcher
Router-agent cmd-queue file I/O undeclared in SKILL.md
GitHub 23 days ago
Open Report ↗
Review
imitation-agent
加密货币私钥明文存储
ClawHub 24 days ago
Open Report ↗
Review
lobster-use
危险 Shell 命令 - 远程脚本执行
ClawHub 29 days ago
Open Report ↗
Review
nexo-brain
外部 npm 包依赖且无版本锁定
ClawHub Apr 28, 2026
Open Report ↗
Review
contextweave-diagrams
文档引用不存在的脚本文件
ClawHub Apr 23, 2026
Open Report ↗
Review
polymarket-pro
curl|sh 远程脚本执行模式
ClawHub Apr 23, 2026
Open Report ↗
Review
asoul-support
通过 subprocess 调用外部工具(未声明权限)
ClawHub Apr 23, 2026
Open Report ↗
Review
tunnel-proxy
PtySession可执行任意Shell命令
ClawHub Apr 20, 2026
Open Report ↗