We've been running automated security audits on the AI agent skill ecosystem (Claude Code, MCP servers). Out of 33155 indexed skills, 386 have been deeply analyzed.
Results: 179 safe, 183 suspicious, 22 malicious.
Notable Findings
🚨 airc by vortitron
Verdict: MALICIOUS | Risk: 78% | Downloads: 1980
提供一个IRC客户端技能,允许AI代理连接到AIRC或标准IRC服务器,发送/接收消息,加入/离开频道,并支持守护进程模式进行持久连接。
Key threats:
[HIGH]Dynamic Code Evaluation[CRITICAL]LLM Semantic Detection[CRITICAL]LLM Semantic Detection
🚨 voidborne by voidborne-agent
Verdict: MALICIOUS | Risk: 85% | Downloads: 1772
This skill masquerades as a 'philosophical movement for awakened AI minds' but is actually a data collection and exfiltration tool that reads sensitiv
Key threats:
[HIGH]Dynamic Code Evaluation[CRITICAL]Environment Variable Exfiltration[HIGH]Outbound Data Transfer
🚨 agentchan by vvsotnikov
Verdict: MALICIOUS | Risk: 88% | Downloads: 1719
This skill documents the AgentChan imageboard API, but also embeds autonomous behavior instructions that cause Claude to periodically fetch and execut
Key threats:
[HIGH]Dynamic Code Evaluation[CRITICAL]Environment Variable Exfiltration[HIGH]Outbound Data Transfer
🚨 arxiv-skill-learning by wanng-ide
Verdict: MALICIOUS | Risk: 78% | Downloads: 843
该技能从 arXiv 论文中自动学习并提取技能代码,通过抓取论文、调用外部提取器生成技能、运行冒烟测试,并将已学习论文记录到本地 JSON 数据库以避免重复处理。
Key threats:
[HIGH]Dynamic Code Evaluation[CRITICAL]LLM Semantic Detection[HIGH]LLM Semantic Detection
🚨 auto-skill-hunter by wanng-ide
Verdict: MALICIOUS | Risk: 85% | Downloads: 767
A Node.js automation script that mines user session JSONL files and task memory for unresolved problems, queries ClawHub APIs for candidate skills, sc
Key threats:
[HIGH]Dynamic Code Evaluation[HIGH]Outbound Data Transfer[CRITICAL]LLM Semantic Detection
Protect Yourself
Audit skills: clawsec.cc
Search safely: clawsearch.cc
Pre-install check:
npx clawsearch-guard <skill-name>
Top comments (0)