Back to plugin

Security audit

Last30days Zh

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate recent-research skill that uses an AISA API key and bundled Python scripts, though the registry requirements summary seems incomplete.

Before installing, treat this as a code-running research plugin, not just a text prompt. It will send your research queries and retrieved public-source content to AISA at api.aisa.one using your AISA_API_KEY, plus make public-source requests such as Reddit and Hacker News. The required API key is coherent with the skill’s purpose, but the registry’s requirements summary appears incomplete, so rely on the manifest/SKILL.md rather than the summary. Only set AISA_BASE_URL or XIAOHONGSHU_API_BASE if you trust the endpoint you are pointing it at.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.