Back to plugin

Security audit

Last30days

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real recent-research skill using an AIsa API key and public/social data sources, but its registry metadata does not fully reflect the requirements declared inside the package.

Before installing, expect to provide an AISA_API_KEY and expect your research queries/topics to be sent to AIsa and relevant public data APIs. The main thing to double-check is the metadata mismatch: the registry summary says no required environment variables, but the actual manifests require AISA_API_KEY, python3, and bash. If you are comfortable with AIsa receiving the topics you research and with optional GitHub/Xiaohongshu-related settings, the requested access appears proportionate to the skill's stated purpose.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.