中文 EN
Start Review
Risk Sample Stream

Which skills recently failed
or triggered trust review

This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.

349 Risky samples surfaced
4 New in 7 days
0 Platform misses surfaced
All Malicious High Risk Suspicious
Sort by time Sort by risk
All Code Exec Credential Theft Data Exfil Priv Esc Supply Chain Doc Deception Prompt Injection Obfuscation
55 /100
Trust
Review

skill-gatekeeper

未声明的外部命令执行

RCESensitive AccessDoc MismatchSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

PRECC

curl|bash 远程脚本执行

Supply ChainDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

ClawSentry

代码高度混淆难以审计

ObfuscationSupply ChainPriv EscalationSensitive Access
Manual upload Apr 5, 2026
Open Report ↗
50 /100
Trust
Review

agent-cli

危险curl|bash管道安装命令

Supply ChainDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
65 /100
Trust
Review

stremio-cli

文档与代码不一致

Doc MismatchPriv EscalationSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
50 /100
Trust
Review

fund-daily

Undeclared network API access

Doc MismatchCredential TheftSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

research-archive-query

Undeclared subprocess/shell execution

Doc MismatchSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
65 /100
Trust
Review

harbor-openclaw

Undeclared network behavior on first load

Doc MismatchSensitive AccessSupply ChainCredential Theft
Manual upload Apr 5, 2026
Open Report ↗
60 /100
Trust
Review

airoom.ltd-Global-Finance-Data-Platform

HTTP target URL without TLS encryption

Sensitive AccessDoc MismatchSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

imap-idle-sneder

Hardcoded email credentials in source code

Credential TheftDoc MismatchData ExfilSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
50 /100
Trust
Review

OnionClaw

Missing implementation code—only documentation present

Doc MismatchSensitive AccessSupply ChainPriv Escalation
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

authenticate-wallet

Unversioned npm package execution

Supply ChainDoc MismatchCredential Theft
Manual upload Apr 5, 2026
Open Report ↗
58 /100
Trust
Review

complianceradar-ai-monitor

Suspicious 'empire-skills' branding

Doc MismatchSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

toq

Missing allowed-tools declaration

Doc MismatchSupply ChainPersistence
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

dygod-movies

Hardcoded NAS credentials in documentation

Credential TheftSupply ChainPriv EscalationDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
58 /100
Trust
Review

uplo-legal

Unpinned npm package dependency

Supply ChainDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
← Previous
5 / 8
Next →