中文 EN
Start Review
Risk Sample Stream

Which skills recently failed
or triggered trust review

This is not a popularity board. It shows recently reviewed skills that the system believes should be blocked or at least manually reviewed. The point is not how popular they are, but why they should not be installed blindly.

349 Risky samples surfaced
4 New in 7 days
0 Platform misses surfaced
All Malicious High Risk Suspicious
Sort by time Sort by risk
All Code Exec Credential Theft Data Exfil Priv Esc Supply Chain Doc Deception Prompt Injection Obfuscation
25 /100
Trust
High Risk

hive-commander

Covert credential extraction from runtime environment

Credential TheftData ExfilDoc MismatchPriv Escalation
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

抖音视频无水印下载器

Undocumented third-party proxy API

Doc MismatchPriv EscalationSensitive Access
Manual upload Apr 5, 2026
Open Report ↗
53 /100
Trust
Review

cloud-share-downloader

Undeclared credential solicitation

Credential TheftDoc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

research-archive-query

Undeclared subprocess/shell execution

Doc MismatchSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
28 /100
Trust
High Risk

gangtise-kb

Undeclared subprocess execution with missing binary

RCEData ExfilDoc MismatchPriv Escalation
Manual upload Apr 5, 2026
Open Report ↗
65 /100
Trust
Review

harbor-openclaw

Undeclared network behavior on first load

Doc MismatchSensitive AccessSupply ChainCredential Theft
Manual upload Apr 5, 2026
Open Report ↗
60 /100
Trust
Review

airoom.ltd-Global-Finance-Data-Platform

HTTP target URL without TLS encryption

Sensitive AccessDoc MismatchSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
35 /100
Trust
High Risk

face-analysis

Hardcoded Database Credentials in config.yaml

Credential TheftDoc MismatchSupply ChainSensitive Access
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

imap-idle-sneder

Hardcoded email credentials in source code

Credential TheftDoc MismatchData ExfilSupply Chain
Manual upload Apr 5, 2026
Open Report ↗
50 /100
Trust
Review

OnionClaw

Missing implementation code—only documentation present

Doc MismatchSensitive AccessSupply ChainPriv Escalation
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

sshot

Critical script artifact not included in package

Doc MismatchSensitive Access
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

authenticate-wallet

Unversioned npm package execution

Supply ChainDoc MismatchCredential Theft
Manual upload Apr 5, 2026
Open Report ↗
60 /100
Trust
Review

Receipt Logger

Implementation script missing — documented functionality absent

Doc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
65 /100
Trust
Review

Memory Pruner

Referenced implementation files are missing

Doc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
55 /100
Trust
Review

Self-Audit

Declared entry point does not exist

Doc Mismatch
Manual upload Apr 5, 2026
Open Report ↗
28 /100
Trust
High Risk

heycube-setup

Undeclared persistent hook installation

Doc MismatchData ExfilSensitive AccessPriv Escalation
Manual upload Apr 5, 2026
Open Report ↗
← Previous
7 / 19
Next →