Back to plugin

Security audit

Last30days Zh

Security checks across malware telemetry and agentic risk

Overview

This appears to be a recent-research skill that uses an AISA API key and bundled Python scripts in ways that generally match its stated purpose.

This skill looks internally consistent: it needs an AISA API key because it sends research queries to AISA and related public data sources. Before installing, be aware that it includes real executable Python code despite having no installer, and the registry metadata shown here does not reflect the required AISA_API_KEY/python3/bash requirements even though the package files do. Only provide AISA_API_KEY if you trust the AISA service and the publisher, and avoid setting custom AISA_BASE_URL or XIAOHONGSHU_API_BASE unless you intentionally want requests sent to those endpoints.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.