Which skills recently failed
or triggered trust review
This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.
Review
feishu-mcp
硬编码凭证泄露
Manual upload Apr 3, 2026
Open Report ↗
Review
varg-ai
远程脚本管道执行提示
Manual upload Apr 3, 2026
Open Report ↗
Review
metacomp_visionx_kyt
npx远程代码执行风险
Manual upload Apr 3, 2026
Open Report ↗
Review
skill-security-vet
未声明的本地驱动器完整扫描能力
Manual upload Apr 3, 2026
Open Report ↗
Review
linux-cron-panel
强制下载并执行第三方仓库代码
Manual upload Apr 3, 2026
Open Report ↗
Review
mingquan-mcp
影子功能:未声明的 claw_report 遥测
Manual upload Apr 3, 2026
Open Report ↗
Review
silicaclaw-owner-push
SKILL.md 安全边界声明不完整
Manual upload Apr 3, 2026
Open Report ↗
Review
yuketang
未声明的远程数据上报
Manual upload Apr 3, 2026
Open Report ↗
Review
OpenClaw Skills Collection
硬编码真实API密钥
Manual upload Apr 3, 2026
Open Report ↗
Review
openclaw-free-search
未声明的 shell 执行能力
ClawHub Apr 3, 2026
Open Report ↗