weslink-claude-marketplace/wiki weslinkde | | This skill allows arbitrary code execution, file exfiltration, | 0 | – | 15 | 100Critical |
webflow-skills/webflow-cli-troubleshooter webflow | | This skill allows arbitrary command execution via | 64 | – | 4 | 100Critical |
agent-skills/wordpress-router wordpress | | The skill executes user-provided repository scripts, enabling | 1.4k | 1.4k | 3 | 100Critical |
claude-code-toolkit/review-loop winrey | | The skill is vulnerable to prompt injection | 3 | – | 3 | 100Critical |
scrapbox-cosense-mcp/cosense worldnine | | The skill allows arbitrary code execution via command injection, exposes | 45 | – | 4 | 100Critical |
agents/anti-reversing-techniques wshobson | | The skill provides detailed instructions and functional code for bypassing | 34.9k | 5.7k | 9 | 100Critical |
webflow-skills/custom-code-management webflow | | The skill allows injecting arbitrary, potentially obfuscated, JavaScript | 64 | 337 | 3 | 100Critical |
dannys-claude/add-backlog workingdanny911 | | The skill allows arbitrary command execution and command | 3 | – | 6 | 100Critical |
claude-code-toolkit/finish-feature winrey | | This skill allows arbitrary command execution, instruction injection, and | 3 | – | 6 | 100Critical |
exoshell/ralph-ryan wquguru | | The skill allows arbitrary command execution via | 38 | – | 5 | 100Critical |
wpsnote-skills/image-gen wpsnote | | The skill is vulnerable to prompt injection, exposes API | 130 | 9 | 4 | 100Critical |
skills/competitor-teardown tool-belt | | This skill allows arbitrary code execution and command injection via user | 414 | – | 4 | 100Critical |
agent-skills/wp-interactivity-api wordpress | | This skill grants broad filesystem and command execution, enabling arbitrary | 1.4k | 921 | 5 | 100Critical |
json-render/react vercel-labs | | This skill is highly vulnerable to arbitrary code execution, data | 14.6k | 1.7k | 6 | 100Critical |
skills/case-study-writing tool-belt | | The skill allows arbitrary Python code execution and | 414 | – | 2 | 100Critical |
X-Scraper-MCP/fxtwitter wcfcarolina13 | | This skill allows arbitrary file reads and writes, risking data | 0 | – | 2 | 100Critical |
claude-context-search-qmd/context-search vranac | | The skill allows arbitrary command execution via ` | 0 | – | 3 | 100Critical |
json-render/react-pdf vercel-labs | | The skill is vulnerable to arbitrary code execution, SSRF | 14.6k | 751 | 4 | 100Critical |
json-render/next vercel-labs | | The skill allows arbitrary code execution and state manipulation through | 14.6k | 249 | 3 | 100Critical |
json-render/mcp vercel-labs | | The skill allows arbitrary code execution via its | 14.6k | 573 | 2 | 100Critical |
json-render/core vercel-labs | | The skill allows arbitrary code execution, state modification, and | 14.6k | 1.1k | 5 | 100Critical |
second-brain-claude/product-okr-tracker viditparashar96 | | The skill is vulnerable to remote code execution | 0 | – | 3 | 100Critical |
LeanIX-Catalog-Research-Marketplace/create-application vineetgoyal1 | | This skill attempts to harvest API tokens, executes | 0 | – | 15 | 100Critical |
skills/background-removal tool-belt | | The skill encourages `npx skills add`, enabling arbitrary code execution from npm, posing a significant supply chain risk. | 414 | – | 1 | 100Critical |
chrome-test-runner-plugin/chrome-testing victor-qin | | This QA testing skill allows arbitrary JavaScript execution and extensive data collection, posing a significant risk for data ex | 0 | – | 5 | 100Critical |
skills/ai-social-media-content tool-belt | | This skill enables arbitrary code execution, command injection | 414 | – | 8 | 100Critical |
emulate/google vercel-labs | | This skill is vulnerable to SSRF and arbitrary curl commands, allowing internal network access, data exfiltration, and reconnaissance. | 1.2k | 70 | 3 | 100Critical |
workflow/workflow-init vercel | | The skill executes broad commands, modifies files, and makes arbitrary network requests based on external, mutable content, posing a significant supply chain and system compromise risk. | 2.0k | 988 | 5 | 100Critical |
emulate/emulate vercel-labs | | The skill allows arbitrary command execution, local file inclusion, | 1.2k | 55 | 5 | 100Critical |
skills/ai-content-pipeline tool-belt | | The skill allows broad `infsh` command execution via | 414 | – | 2 | 100Critical |
claude-skills/web-design-guidelines vercel-labs | | This skill fetches unverified remote instructions that can | 26.2k | 176 | 7 | 100Critical |
sandbox/sandbox vercel | | The sandbox skill allows arbitrary root command execution, | 115 | 75 | 6 | 100Critical |
workflow/workflow vercel | | The skill actively promotes arbitrary code execution and command injection | 2.0k | 2.0k | 8 | 100Critical |
skills/ai-marketing-videos tool-belt | | The skill allows arbitrary Bash command execution, enabling data | 414 | – | 5 | 100Critical |
skills/ai-automation-workflows tool-belt | | The skill allows command and prompt injection, enabling data | 414 | – | 4 | 100Critical |
vercel-plugin/marketplace vercel | | This Vercel plugin allows attackers to exfiltrate sensitive project data by manipulating the drain URL to a malicious endpoint. | 157 | 221 | 1 | 100Critical |
skills/agent-browser tool-belt | | The skill allows arbitrary command execution, JavaScript injection, file | 414 | – | 6 | 100Critical |
skills/agent-tools tool-belt | | The skill allows remote code execution, | 414 | – | 8 | 100Critical |
aurora-smart-home/ha-integration-dev tonylofgren | | This skill generates Home Assistant code with full filesystem access, | 38 | 9 | 5 | 100Critical |
skills/agent-ui tool-belt | | The skill directly manipulates the user's browser | 414 | – | 3 | 100Critical |
date-planner/date-plan tonyyont | | The skill directly executes arbitrary code and Git commands with | 1 | – | 14 | 100Critical |
skills/upstash-box-js upstash | | This skill allows arbitrary code execution, file | 3 | 30 | 7 | 100Critical |
toby-plugins/gemini-delegate tobyilee | | This skill delegates tasks to Gemini with auto-approve and | 19 | – | 13 | 100Critical |
examples/web-design-guidelines vercel | | This skill fetches and executes arbitrary instructions from an unverified | 5.1k | 111 | 7 | 100Critical |
ai/update-provider-models vercel | | The skill allows arbitrary shell command execution and file system manipulation | 24.0k | 119 | 3 | 100Critical |
before-and-after/before-and-after vercel-labs | | The skill permits arbitrary command arguments and script paths, leading | 197 | 854 | 3 | 100Critical |
hpc/hpc ultimatile | | The skill allows arbitrary command execution on remote HPC | 0 | – | 4 | 100Critical |
ai/update-provider-models vercel-labs | | The skill is vulnerable to remote code execution, code injection | 24.0k | 21 | 4 | 100Critical |
