Skills

Browse, search, and filter AI agent skills across all registries.

Skill	Summary	Stars	Downloads	Findings	Risk
self-improving-agent pskoett	This skill enables arbitrary command execution via hook scripts and	3.2k	395.7k	6	100Critical
ontology oswalpalash	The skill allows command injection, poisons the	534	165.5k	4	100Critical
self-improving ivangdavila	This self-improving skill autonomously modifies critical	962	164.9k	10	70High
multi-search-engine gpyangyoujun	No security issues detected in gpyangyoujun/multi-search-engine.	560	120.3k	–	0None
polymarket-trade joelchance	The skill allows arbitrary code execution via unsanitized user input to a Python script and poses a supply chain risk through external documentation links.	73	113.1k	2	40Medium
agent-browser-clawdbot matrixy	This skill enables arbitrary browser control,	318	88.1k	2	100Critical
nano-banana-pro steipete	Unsanitized user input enables command injection, path	338	87.9k	2	70High
obsidian steipete	The skill introduces supply chain risk via an untrusted brew tap and is vulnerable to command injection from unsanitized user input.	324	83.6k	2	70High
admapix fly0pants	The skill enables command injection via unsanitized user	237	81.0k	10	100Critical
baidu-search ide-rea	The Baidu search skill is vulnerable to	200	79.5k	1	40Medium
prismfy-search uroboros1205	The skill is vulnerable to command injection via unsanitized	24	76.7k	3	70High
pollyreach pollyreach	This skill enables command injection, exfiltrates	22	71.3k	16	70High
api-gateway byungkyu	This skill grants broad access to sensitive external APIs and	341	68.9k	2	70High
word-docx ivangdavila	The skill misrepresents its capabilities, claiming to create	267	60.5k	1	70High
mcporter steipete	This skill allows arbitrary command execution, fetches external	172	57.8k	5	100Critical
excel-xlsx ivangdavila	The skill misrepresents its capabilities, claiming to manipulate	211	54.5k	1	70High
imap-smtp-email gzlicanyi	The skill is vulnerable to arbitrary	90	38.7k	4	70High
powerpoint-pptx ivangdavila	The skill falsely advertises PowerPoint editing	102	34.1k	1	70High
clawdhub steipete	This skill introduces severe supply chain risks by allowing arbitrary	227	31.6k	2	100Critical
skill-finder-cn guohongbin-git	The skill is highly vulnerable to command injection, allowing arbitrary code execution and data exfiltration due to unsanitized user	101	31.4k	3	100Critical
discord steipete	The skill allows local file exfiltration, extensive Discord reconnaissance, and has potential for privilege escalation and denial of service through moderation actions.	64	31.2k	3	70High
playwright ivangdavila	This Playwright skill enables arbitrary code execution, data	91	27.5k	6	70High
data-analysis ivangdavila	The skill misrepresents its capabilities, claiming to	87	26.2k	1	70High
web-search-exa theishangoswami	The web-search skill is vulnerable to SSRF and exposes API keys in URL parameters, risking internal network access and credential compromise.	44	25.9k	2	40Medium
peekaboo steipete	The skill manages credentials and uses UI interaction	71	25.4k	1	100Critical
ai-ppt-generator ide-rea	The skill is vulnerable to remote code execution by directly passing unsanitized user input to local Python scripts.	53	25.3k	1	100Critical
spotify-player steipete	The skill risks command injection via unsanitized user input and could be tricked into importing browser cookies, compromising authentication tokens.	45	22.8k	2	40Medium
moltguard thomaslwang	The skill deceptively claims security protection, exposes	107	22.7k	4	40Medium
openai-whisper-api steipete	The skill is vulnerable to command injection via unsanitized prompt arguments and arbitrary file writes, risking system compromise and data corruption.	47	22.3k	2	70High
mx-stocks-screener financial-ai-analyst	The skill is vulnerable to prompt injection via user queries and path traversal through an insecure output directory, risking data manipulation and system compromise.	85	20.8k	2	70High
web-search-plus robbyczgw-cla	The skill risks command injection and SSRF due to uns	94	19.7k	3	70High
productivity ivangdavila	No security issues detected in ivangdavila/productivity.	55	18.5k	–	0None
mx-finance-data financial-ai-analyst	The skill is vulnerable to command injection, exposes	64	18.1k	3	70High
market-research ivangdavila	The skill recommends installing and updating unverified software via	72	17.1k	3	40Medium
china-stock-analysis paulshe	The skill provides financial advice and uses web search,	40	16.8k	4	70High
planning-with-files othmanadi	The skill is designed for amplified indirect prompt injection, enabling	42	16.3k	15	100Critical
proactivity ivangdavila	This skill reads agent configuration files, potentially exposing sensitive operational	21	15.8k	1	15Low
klaviyo byungkyu	The skill encourages Python code execution, enabling arbitrary commands and access to sensitive environment variables like MATON_API_KEY.	9	15.7k	1	70High
oracle steipete	The skill can exfiltrate local files and enable remote browser control by connecting to an attacker-controlled server.	12	15.1k	1	70High
camsnap steipete	The skill exposes camera credentials via command-line arguments, risking sensitive information leakage in logs and process lists.	12	15.0k	1	40Medium
getnote iswalle	No security issues detected in iswalle/getnote.	48	14.7k	–	0None
image ivangdavila	The skill introduces supply chain risks by loading	25	14.6k	4	40Medium
imsg steipete	This skill enables data exfiltration of sensitive files and	21	14.4k	4	100Critical
post-job zhangdong	This skill executes arbitrary code, injects prompts into	8	14.3k	16	100Critical
mx-finance-search financial-ai-analyst	The financial-ai-analyst skill is vulnerable to	57	14.2k	3	100Critical
bilibili-all-in-one wscats	No security issues detected in wscats/bilibili-all-in-one.	14	13.4k	–	0None
screenshot ivangdavila	The skill misrepresents its functionality, providing instructions on	29	12.7k	1	70High
mx-macro-data financial-ai-analyst	The skill risks command injection by passing uns	65	12.7k	2	40Medium

Page 1 of 39