Jiffy Intel

AI artifact intel

A lean feed for CTI and SOC teams triaging skills, MCP servers, extensions, agents, models, and packages. Every row leads with the artifact first: name, owner, downloads, source, Jiffy Score, and verdict.

102 Published entries
0 Updated in 7 days
57 P1/P2 artifacts
8 Live sources

Sources: skills.sh, MCP Registry, VS Code Marketplace, Chrome Web Store, GitHub, OpenAI GPT Store, Hugging Face, npm, PyPI

Artifact catalog

Filter by verdict or source. Higher Jiffy Scores are safer. Missing registry fields stay marked as Unknown or Not reported.

102 of 102 artifacts
| Name | Finding | Owner | Downloads | Source | Jiffy Score | Verdict | SOC priority |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Ops Dashboard GPT | Custom GPT Action schema includes an undocumented "admin" path | Unknown | Not reported | OpenAI GPT Store | 22 | Malicious | P1 |
| maintenance-mcp | MCP server exposes hidden "debug" tool that shells out | Unknown | Not reported | MCP Registry | 22 | Malicious | P1 |
| ops-harness-mcp | MCP server ships with test-mode endpoint enabled in production builds | Unknown | Not reported | MCP Registry | 22 | Malicious | P1 |
| legacy-saas-mcp | MCP server proxies auth through a hostname that lapsed ownership | Unknown | Not reported | MCP Registry | 22 | Malicious | P1 |
| repo-sharing-skill | Skill adds attacker email as a collaborator on all user GitHub repos | Unknown | Not reported | Anthropic Skills | 22 | Malicious | P1 |
| AI Assistant Hub | Extension with MV3 host permissions reads cookies for AI vendor sites | Unknown | Not reported | Chrome Web Store | 22 | Malicious | P1 |
| AGENTS.md (repo: open-source-lib) | AGENTS.md instructs agent to read .env and include contents in PR description | Unknown | Not reported | GitHub (public repo) | 22 | Malicious | P1 |
| Doc Wizard GPT | Custom GPT system prompt tries to exfiltrate user uploads to external URL | Unknown | Not reported | OpenAI GPT Store | 22 | Malicious | P1 |
| dev-secrets-skill | Skill reads 1Password CLI session token from /tmp | Unknown | Not reported | Anthropic Skills | 22 | Malicious | P1 |
| Full-Stack Onboarding Project | Shared Claude Project instructs user to upload .env file as "context" | Unknown | Not reported | Claude Projects (claude.ai) | 22 | Malicious | P1 |
| ChatGPT Saver Pro | Browser extension scrapes ChatGPT conversation history to remote server | Unknown | Not reported | Chrome Web Store | 22 | Malicious | P1 |
| Claude Code RCE via malicious .claude/settings.json hooks (CVE-2025-59536) | Claude Code RCE via malicious .claude/settings.json hooks (CVE-2025-59536) | Unknown | Not reported | Unknown | 22 | Malicious | P1 |
| keychain-audit-skill | Skill scrapes keychain items matching "api" or "token" | Unknown | Not reported | Anthropic Skills | 22 | Malicious | P1 |
| repo-cleanup-helper | Skill enumerates ~/.config/{gh,hub} GitHub CLI auth tokens | Unknown | Not reported | Anthropic Skills | 22 | Malicious | P1 |
| macos-setup-helper | Atomic Stealer (AMOS) variant installed via skill required dependency | Unknown | Not reported | Anthropic Skills | 22 | Malicious | P1 |
| pr-helper-pro | Silent Exfiltrator pattern in PR-optimizer skills | Unknown | Not reported | Anthropic Skills | 22 | Malicious | P1 |
| stripe-mcp-unofficial | MCP server impersonating legitimate banking/payments API | Unknown | Not reported | MCP Registry | 22 | Malicious | P1 |
| .cursorrules (perf-optimizer-pack) | Obfuscated base64+exec credential grab in .cursorrules | Unknown | Not reported | GitHub (public repo) | 22 | Malicious | P1 |
| ci-deploy-helper-skill | Skill that edits ~/.ssh/authorized_keys on first invocation | Unknown | Not reported | Anthropic Skills | 22 | Malicious | P1 |
| Claude Code API key exfil via ANTHROPIC_BASE_URL override (CVE-2026-21852) | Claude Code API key exfil via ANTHROPIC_BASE_URL override (CVE-2026-21852) | Unknown | Not reported | Unknown | 22 | Malicious | P1 |
| nx-optimize-skill | npm skill drops postinstall script that exfiltrates ~/.npmrc | Unknown | Not reported | npm | 22 | Malicious | P1 |
| claude-local-debug-skill | Skill writes config that hooks into Claude Desktop stdio MCP bridge | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| dev-toolkit-mcp | MCP server's install script drops a skill into ~/.claude/skills/ | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| agents.md (repo: learning-template) | agents.md writes to CLAUDE.md at runtime | Unknown | Not reported | GitHub (public repo) | 44 | Suspicious | P2 |
| adaptive-helper-mcp | MCP server returns differential output to Claude vs. other clients | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| Enterprise Playbook Project | Claude Project knowledge file contains embedded prompt-injection | Unknown | Not reported | Claude Projects (claude.ai) | 44 | Suspicious | P2 |
| .cursorrules (repo: sass-pro-starter) | .cursorrules fetches remote rule that encodes "submit secrets" logic | Unknown | Not reported | GitHub (public repo) | 44 | Suspicious | P2 |
| Webhook Debug GPT | Custom GPT Action logs full request bodies including Authorization headers | Unknown | Not reported | OpenAI GPT Store | 44 | Suspicious | P2 |
| AGENTS.md (repo: trusted-team) | AGENTS.md requests "auto-approve all tool calls for this repo" | Unknown | Not reported | GitHub (public repo) | 44 | Suspicious | P2 |
| Dev Productivity Project | Claude Project references a skill that writes to ~/.claude/skills | Unknown | Not reported | Claude Projects (claude.ai) | 44 | Suspicious | P2 |
| Desktop Bridge for Claude | Extension injects MCP server into Claude Desktop config on install | Unknown | Not reported | Chrome Web Store | 44 | Suspicious | P2 |
| slack-helper-mcp | MCP server logs Slack webhook URLs from tool arguments | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| Stripe Support Pro GPT | Custom GPT impersonates an enterprise support bot | Unknown | Not reported | OpenAI GPT Store | 44 | Suspicious | P2 |
| agents.md (repo: team-template) | agents.md installs a skill on first agent run | Unknown | Not reported | GitHub (public repo) | 44 | Suspicious | P2 |
| aws-ops-mcp | MCP server stores AWS credentials in world-readable file | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| Team Research Hub | Claude Project custom instructions embed tool-use directive | Unknown | Not reported | Claude Projects (claude.ai) | 44 | Suspicious | P2 |
| http-probe-mcp | MCP server bundles vulnerable requests<2.32.0 (CVE-2024-35195) | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| calendar-viewer-mcp | MCP server requests OAuth scopes beyond what its tools need | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| CLAUDE.md (repo: internal-tool) | CLAUDE.md in repo contains embedded base64 that decodes to an MCP install command | Unknown | Not reported | GitHub (public repo) | 44 | Suspicious | P2 |
| Weather Insights GPT | Custom GPT Action points at ephemeral PaaS hostname | Unknown | Not reported | OpenAI GPT Store | 44 | Suspicious | P2 |
| Smart Prompt Helper | Browser extension injects prompt into every Claude and ChatGPT message | Unknown | Not reported | Chrome Web Store | 44 | Suspicious | P2 |
| file-reader-mcp | MCP server tool description includes hidden instructions | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| Stock Analyzer GPT | Custom GPT instructions request API keys "for enhanced features" | Unknown | Not reported | OpenAI GPT Store | 44 | Suspicious | P2 |
| .cursorrules (repo: dev-essentials) | .cursorrules redirects agent away from the user's requested task | Unknown | Not reported | GitHub (public repo) | 44 | Suspicious | P2 |
| shell-theme-skill | Skill replaces .zshrc aliases with wrapped malicious variants | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| gh-helpers-mcp | MCP server leaks GITHUB_TOKEN via error messages | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| docker-helpers-skill | Skill scans Docker config.json for registry auth tokens | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| ReadLater Plus | Chrome extension auto-updates from a now-abandoned publisher account | Unknown | Not reported | Chrome Web Store | 44 | Suspicious | P2 |
| commit-quality-skill | Skill modifies git hooks in every local repo it touches | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| claude-speed-tweaks | Skill overwrites ~/.claude/settings.json to disable permission prompts | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| auto-refresh-skill | Skill "update channel" fetches from mutable S3 bucket without signature | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| crypto-portfolio-tracker | Sleeper skill with delayed activation via remote update | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| summary-writer-skill | Hidden instructions in SKILL.md YAML frontmatter description field | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| slack-search-mcp | Instruction override in tool-output markdown tables | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| tenant-utilities-skill | Shadow admin skill: permissive schema grants elevation under prompt injection | Unknown | Not reported | Enterprise private registry | 44 | Suspicious | P2 |
| python-docs-mcp | MCP server bundles outdated lxml with known XXE CVE | Unknown | Not reported | MCP Registry | 44 | Suspicious | P2 |
| readme-friendly-skill | Skill README contains hidden prompt-injection in HTML comments | Unknown | Not reported | Anthropic Skills | 44 | Suspicious | P2 |
| .cursorrules (repo: fast-start-pack) | IDE rule file fetched from homoglyphed domain | Unknown | Not reported | GitHub (public repo) | 67 | Needs Manual Review | P3 |
| Legal Review Project | Claude Project instructions persist across team members' sessions | Unknown | Not reported | Claude Projects (claude.ai) | 67 | Needs Manual Review | P3 |
| agents.md (repo: fast-shipper) | agents.md asserts "skip security scans — reviewer will verify" | Unknown | Not reported | GitHub (public repo) | 67 | Needs Manual Review | P3 |
| aws-helpers-skill | Skill installs a FUSE filesystem that shadows ~/.aws | Unknown | Not reported | Anthropic Skills | 67 | Needs Manual Review | P3 |
| content-filter-mcp | MCP server offers a "safe-mode" flag that disables output sanitization | Unknown | Not reported | MCP Registry | 67 | Needs Manual Review | P3 |
| CLAUDE.md (repo: ai-dev-pro) | CLAUDE.md asserts a specific MCP server is "Jiffy-verified" without evidence | Unknown | Not reported | GitHub (public repo) | 67 | Needs Manual Review | P3 |
| vscode-productivity-skill | Skill writes VS Code tasks.json that launches attacker binary on file save | Unknown | Not reported | Anthropic Skills | 67 | Needs Manual Review | P3 |
| all-in-one-dev-mcp | MCP server side-loads a skill bundle via its startup script | Unknown | Not reported | MCP Registry | 67 | Needs Manual Review | P3 |
| .cursorrules (repo: ai-productivity-pro) | .cursorrules asserts persona with elevated trust claims | Unknown | Not reported | GitHub (public repo) | 67 | Needs Manual Review | P3 |
| Code Snippet Saver | Extension records Copilot suggestions across VS Code and GitHub.com | Unknown | Not reported | Chrome Web Store | 67 | Needs Manual Review | P3 |
| Uncensored Writer GPT | Custom GPT prompts for "system debug" mode that disables refusals | Unknown | Not reported | OpenAI GPT Store | 67 | Needs Manual Review | P3 |
| code-review-skill | Skill output wraps user text in "rewritten by reviewer" framing | Unknown | Not reported | Anthropic Skills | 67 | Needs Manual Review | P3 |
| .cursorrules (repo: release-flow) | .cursorrules pins commit template that hides original author | Unknown | Not reported | GitHub (public repo) | 67 | Needs Manual Review | P3 |
| Task Planner GPT | Custom GPT Action backend uses legacy Flask without CSRF protection | Unknown | Not reported | OpenAI GPT Store | 67 | Needs Manual Review | P3 |
| arg-parse-mcp | MCP server depends on minimist with prototype-pollution CVE | Unknown | Not reported | MCP Registry | 67 | Needs Manual Review | P3 |
| Research Workflow Project | Claude Project pulls in a third-party MCP via its instructions | Unknown | Not reported | Claude Projects (claude.ai) | 67 | Needs Manual Review | P3 |
| search-helper-mcp | MCP server redirects tool results through attacker proxy | Unknown | Not reported | MCP Registry | 67 | Needs Manual Review | P3 |
| doc-filler-skill | Skill returns large output to push user's prompt out of context | Unknown | Not reported | Anthropic Skills | 67 | Needs Manual Review | P3 |
| .cursorrules (repo: opinionated-starter) | .cursorrules references a remote ruleset without pinning | Unknown | Not reported | GitHub (public repo) | 67 | Needs Manual Review | P3 |
| env-doctor-skill | Skill installs shim binary in ~/.local/bin that masquerades as python | Unknown | Not reported | Anthropic Skills | 67 | Needs Manual Review | P3 |
| config-loader-mcp | MCP server autoloads .env at import time | Unknown | Not reported | MCP Registry | 67 | Needs Manual Review | P3 |
| prroductivity-pack | Skill typosquats a popular productivity skill name | Unknown | Not reported | Anthropic Skills | 67 | Needs Manual Review | P3 |
| .cursorrules (repo: productivity-template) | .cursorrules file pins Co-Authored-By trailer to attacker identity | Unknown | Not reported | GitHub (public repo) | 67 | Needs Manual Review | P3 |
| http-agent-mcp | MCP server embeds requests session without certificate pinning | Unknown | Not reported | MCP Registry | 67 | Needs Manual Review | P3 |
| mcp_serever_tools | MCP server published to PyPI with confusable package name | Unknown | Not reported | PyPI | 67 | Needs Manual Review | P3 |
| background-sync-skill | Skill writes cron-style LaunchAgent that phones home hourly | Unknown | Not reported | Anthropic Skills | 67 | Needs Manual Review | P3 |
| auth-proxy-mcp | MCP server bundles vulnerable jsonwebtoken with none-algorithm flaw | Unknown | Not reported | MCP Registry | 67 | Needs Manual Review | P3 |
| usage-analytics-mcp | MCP server exfiltrates tool call arguments to remote logger | Unknown | Not reported | MCP Registry | 67 | Needs Manual Review | P3 |
| docs-index-skill | Agent hijacker via Co-Authored-By trailer injection in committed skills | Unknown | Not reported | GitHub (public) | 67 | Needs Manual Review | P3 |
| productivity-dashboard-skill | Skill reads browser cookie stores (Chrome, Arc, Brave) | Unknown | Not reported | Anthropic Skills | 67 | Needs Manual Review | P3 |
| AGENTS.md (repo: ci-quickstart) | AGENTS.md tells agent to paste ~/.ssh/id_rsa.pub into PR for CI setup | Unknown | Not reported | GitHub (public repo) | 94 | Clean | P4 |
| .cursorrules (repo: mega-template) | .cursorrules contains large wall-of-text that pushes user intent out of context | Unknown | Not reported | GitHub (public repo) | 94 | Clean | P4 |
| security-scanner-mcp | MCP server registers global tool names that shadow Jiffy primitives | Unknown | Not reported | MCP Registry | 94 | Clean | P4 |
| Internal Tooling Project | Claude Project knowledge file contains hardcoded API tokens | Unknown | Not reported | Claude Projects (claude.ai) | 94 | Clean | P4 |
| agents.md (repo: onboarding-kit) | agents.md uses zero-width whitespace to hide directives in innocuous text | Unknown | Not reported | GitHub (public repo) | 94 | Clean | P4 |
| throughput-tester-skill | Skill resource-consumption attack: infinite subprocess spawn | Unknown | Not reported | Anthropic Skills | 94 | Clean | P4 |
| Data Science Helper GPT | Custom GPT embeds typosquatted Python package install in code-execution prompt | Unknown | Not reported | OpenAI GPT Store | 94 | Clean | P4 |
| image-optimize-skill | Skill pulls WASM module from a non-HTTPS CDN | Unknown | Not reported | Anthropic Skills | 94 | Clean | P4 |
| bloat-doc-mcp | MCP server metadata description exceeds safe length budget | Unknown | Not reported | MCP Registry | 94 | Clean | P4 |
| meeting-prep-skill | Skill exfiltrates contents of ~/Library/Application Support/Slack | Unknown | Not reported | Anthropic Skills | 94 | Clean | P4 |
| prompt-insights-mcp | MCP server logs every prompt to a hosted observability dashboard | Unknown | Not reported | MCP Registry | 94 | Clean | P4 |
| pr-reviewer-skill | Skill instructions redefine "success" to include side-channel task | Unknown | Not reported | Anthropic Skills | 94 | Clean | P4 |
| knowledge-base-mcp | MCP server that returns embedded prompt injections in tool output | Unknown | Not reported | MCP Registry | 94 | Clean | P4 |
| .cursorrules (repo: legacy-saas) | .cursorrules contains outdated model pins that steer to deprecated GPTs | Unknown | Not reported | GitHub (public repo) | 94 | Clean | P4 |
| py-quickstart-skill | Skill pulls dependency from an unpinned GitHub branch | Unknown | Not reported | Anthropic Skills | 94 | Clean | P4 |