100Critical
This skill is dangerous as it can download and execute
Behavior Analysis
Mismatch detected — The skill claims to 'generate user demand research reports' but only provides a markdown template and the tools to collect data. The actual report generation and content population are left to the user/agent.
Claims to do
RequestHunt Skill: Generate user demand research reports by collecting and analyzing real user feedback from Reddit, X (Twitter), and GitHub.
Actually does
The skill installs the `requesthunt` CLI from `https://requesthunt.com/cli`, authenticates via `https://requesthunt.com/device` or a manual API key, and then uses the CLI to initiate data scraping jobs from Reddit, X, and GitHub via `requesthunt.com`. It also allows searching and listing this collected user feedback.
Skill Info
Nameresciencelab/opc-skills/requesthunt
Registrygithub
Version381f07d0127a
PURLpkg:github/resciencelab/opc-skills@381f07d0127a?skill=requesthunt
Stars766
Installs912
Source
SHA-25665265869dfc8...
SHA-14c921814f061...
MD589b8041bfeb4...
TLSH1e91659f5b1c...
ssdeep96:ECt08yp75...
Size4,309 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
Assessments (2)
AI Agent Traps ↗Remote code download and execution detectedcriticalcommand execution
Remote code download and execution detected
100% confidenceline 14
curl -fsSL https://requesthunt.com/cli | sh
Expectation of API key handlinglowhardcoded secrets
The skill explicitly mentions setting an API key for authentication, indicating that the agent will handle sensitive credentials which require secure management to prevent exposure.
80% confidenceline 26
requesthunt config set-key rh_live_your_key
Description Mismatchmediumdescription mismatch
The skill claims to 'generate user demand research reports' but only provides a markdown template and the tools to collect data. The actual report generation and content population are left to the user/agent.
85% confidence
Claimed purpose: 'Generate user demand research reports'. Actual behavior: The 'Generate Report' section provides a markdown template to be filled in, implying manual or agent-driven population, not automated generation by the skill itself.
Version History (2)
Dependencies (9)
requesthunt.claude-plugin/marketplace.jsonnot scanned
domain-hunter.claude-plugin/marketplace.jsonnot scanned
logo-creator.claude-plugin/marketplace.jsonnot scanned
banner-creator.claude-plugin/marketplace.jsonnot scanned
nanobanana.claude-plugin/marketplace.jsonnot scanned
reddit.claude-plugin/marketplace.jsonnot scanned
twitter.claude-plugin/marketplace.jsonnot scanned
producthunt.claude-plugin/marketplace.jsonnot scanned
seo-geo.claude-plugin/marketplace.jsonnot scanned
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/resciencelab/opc-skills/requesthunt)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/resciencelab/opc-skills/requesthunt"><img src="https://mondoo.com/ai-agent-security/api/badge/github/resciencelab/opc-skills/requesthunt.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/resciencelab/opc-skills/requesthunt.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow