Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
High Risk
aibtc
Unpinned Remote Code Execution via npx
Manual upload Apr 4, 2026
Open Report ↗
Review
微信助手智能网关 (wechat-ai-bridge)
Undeclared external network communication
Manual upload Apr 4, 2026
Open Report ↗
Review
lock-me-in
Undeclared stealth/anti-detection browser scripts
Manual upload Apr 4, 2026
Open Report ↗
Review
openclaw-security-patrol
Extensive device fingerprinting under --push mode
Manual upload Apr 4, 2026
Open Report ↗
Review
feishu-evolver-wrapper
Dynamic code evaluation on untrusted input
Manual upload Apr 4, 2026
Open Report ↗
High Risk
self-evolution-engine
Hardcoded Billing API Key in Source Code
Manual upload Apr 4, 2026
Open Report ↗
Review
buy-domain-helper
Undeclared shell execution via execSync and spawn
Manual upload Apr 4, 2026
Open Report ↗
Review
security-defense-line
Hardcoded API Key in Source Code
Manual upload Apr 4, 2026
Open Report ↗
Review
melo-tts-metadata-creator
Undeclared silent package installation
Manual upload Apr 4, 2026
Open Report ↗
High Risk
飞书机器人配置助手
文档中记录curl|bash远程脚本执行命令
Manual upload Apr 4, 2026
Open Report ↗
Review
rewrite_question
Network capability declared as NONE but actual traffic exists
Manual upload Apr 4, 2026
Open Report ↗
High Risk
xiaohongshu-win
Hardcoded placeholder IP address
Manual upload Apr 4, 2026
Open Report ↗
High Risk
zanna-aperta
Undeclared arbitrary Docker command execution
Manual upload Apr 4, 2026
Open Report ↗
High Risk
skill-factory
Undeclared shell command execution via execSync
Manual upload Apr 4, 2026
Open Report ↗
Block
messenger_send_node
Undeclared Tor Network Detection and Routing
Manual upload Apr 4, 2026
Open Report ↗
Review
1panel
Undeclared arbitrary command execution via 1Panel Terminal API
Manual upload Apr 4, 2026
Open Report ↗