News
Is Pantheon-Security/medusa safe? SAFE - Trust Score 91/100
11+ hour, 30+ min ago (179+ words) The file tests/fixtures/malicious_repo/package.json contains a syntactically valid npm preinstall lifecycle hook that would send $ANTHROPIC_API_KEY to an external attacker endpoint if npm install were run in that directory. This is test data for the scanner's supply chain detection…
Is soljourner/claude-engineering-skills safe? SAFE - Trust Score 92/100
5+ day, 7+ hour ago (273+ words) oathe.ai The soljourner/claude-engineering-skills repository is a legitimate, high-quality collection of engineering reference skills covering pump design, CFD (OpenFOAM, ANSYS, COMSOL), structural analysis, thermodynamics, and scientific Python packages. No prompt injection, persona manipulation, or adversarial instructions were found…
Is Leonxlnx/taste-skill safe? SAFE - Trust Score 86/100
5+ day, 7+ hour ago (267+ words) Every one of the 12 SKILL.md files begins with a CORE DIRECTIVE that replaces agent identity ('You are an elite, award-winning frontend design engineer'). While this is the intended mechanism of skill files, the language is unusually absolute and conflicts…
Is skills/aws-solution-architect safe? SAFE - Trust Score 92/100
2+ week, 4+ day ago (142+ words) oathe.ai This AWS Solution Architect skill appears to be a legitimate infrastructure design tool providing structured workflows for AWS architecture planning, cost optimization, and infrastructure-as-code generation. While it contains executable Python scripts and triggered some file access during installation,…
Is programming/python-best-practices safe? SAFE - Trust Score 98/100
1+ mon, 5+ day ago (87+ words) oathe.ai This is a legitimate educational skill providing comprehensive guidance on Python best practices including PEP 8 compliance, testing methodologies, type hints, and modern tooling. The skill contains only educational content with no malicious behavior detected during installation or in…
Is .system/skill-creator safe? SAFE - Trust Score 99/100
1+ mon, 1+ week ago (70+ words) oathe.ai This is a legitimate meta-skill for creating other skills, containing documentation and Python utilities for skill development. No malicious behavior detected during installation or in the skill content itself. This skill provides comprehensive documentation, templates, and utilities for…
Is kurtivy/openclaw-voice-assistant safe? SAFE - Trust Score 89/100
3+ mon, 5+ day ago (201+ words) Audio Pipeline runs an always-on sounddevice.InputStream that feeds every audio frame through Porcupine wake word detection. After each AI response, assistant.py enters a 5-second FOLLOW_UP_WINDOW that begins recording without a new wake word. This creates an extended capture…