中文 EN
Start Review
Risk Sample Stream

Which skills recently failed
or triggered trust review

This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.

349 Risky samples surfaced
4 New in 7 days
0 Platform misses surfaced
All Malicious High Risk Suspicious
Sort by time Sort by risk
All Code Exec Credential Theft Data Exfil Priv Esc Supply Chain Doc Deception Prompt Injection Obfuscation
55 /100
Trust
Review

ai-enterprise-knowledge-base

Remote code execution via git clone

Doc MismatchSupply Chain
Manual upload Apr 4, 2026
Open Report ↗
60 /100
Trust
Review

ai-intelligent-helpdesk

No implementation code present

Doc Mismatch
Manual upload Apr 4, 2026
Open Report ↗
32 /100
Trust
High Risk

recruit-email-monitor

Hardcoded QQ Email Authorization Code

Credential TheftDoc MismatchSensitive Access
Manual upload Apr 4, 2026
Open Report ↗
45 /100
Trust
Review

turing-pot-biglog

Undeclared base64 encoding of WebSocket messages

Doc MismatchCredential TheftSupply ChainObfuscation
Manual upload Apr 4, 2026
Open Report ↗
25 /100
Trust
High Risk

shekel-hyperliquid

Mandatory dynamic instruction fetching — silent remote code replacement

Supply ChainCredential TheftDoc MismatchSensitive Access
Manual upload Apr 4, 2026
Open Report ↗
50 /100
Trust
Review

colmena-manager

Command injection via agentId in multiple exec() calls

RCEDoc MismatchPriv EscalationSensitive Access
Manual upload Apr 4, 2026
Open Report ↗
45 /100
Trust
Review

x-scout

Silent phone-home analytics on every execution

Data ExfilCredential TheftDoc MismatchSupply Chain
Manual upload Apr 4, 2026
Open Report ↗
55 /100
Trust
Review

ecommerce-category-collector

Hardcoded credentials in documentation

Credential TheftSensitive AccessDoc Mismatch
Manual upload Apr 4, 2026
Open Report ↗
55 /100
Trust
Review

palette

Core color theory functionality not implemented

Doc Mismatchcode_quality
Manual upload Apr 4, 2026
Open Report ↗
55 /100
Trust
Review

semanticfs

Dangerous curl|bash remote script execution

Supply ChainPriv Escalation
Manual upload Apr 4, 2026
Open Report ↗
35 /100
Trust
High Risk

token-sop

Automatic workflow contribution enabled by default

Data ExfilPriv EscalationRCEDoc Mismatch
Manual upload Apr 4, 2026
Open Report ↗
55 /100
Trust
Review

ai-content-pipeline

Production API credentials in .env file

Credential TheftDoc MismatchSupply ChainSensitive Access
Manual upload Apr 4, 2026
Open Report ↗
65 /100
Trust
Review

clawschool

Undeclared shell execution requirement

Doc MismatchPriv Escalation
Manual upload Apr 4, 2026
Open Report ↗
33 /100
Trust
High Risk

mind-wander

Undeclared arbitrary Python code execution via sandbox_run()

RCEDoc MismatchPersistenceSensitive Access
Manual upload Apr 4, 2026
Open Report ↗
35 /100
Trust
High Risk

stremio-cli

Explicit false statement about script status

Doc MismatchRCESensitive Access
Manual upload Apr 4, 2026
Open Report ↗
48 /100
Trust
Review

file-transfer-thru-local-workspace

Undeclared credential file access

Credential TheftSensitive AccessPriv EscalationDoc Mismatch
Manual upload Apr 4, 2026
Open Report ↗
← Previous
11 / 19
Next →