Security audit
Last30days Zh
Security checks across malware telemetry and agentic risk
Overview
This appears to be a legitimate recent-research skill that uses an AISA API key and bundled Python scripts, though the registry requirements summary seems incomplete.
Before installing, treat this as a code-running research plugin, not just a text prompt. It will send your research queries and retrieved public-source content to AISA at api.aisa.one using your AISA_API_KEY, plus make public-source requests such as Reddit and Hacker News. The required API key is coherent with the skill’s purpose, but the registry’s requirements summary appears incomplete, so rely on the manifest/SKILL.md rather than the summary. Only set AISA_BASE_URL or XIAOHONGSHU_API_BASE if you trust the endpoint you are pointing it at.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
