Plugin v0.1.0

ClawScan security

clawhubagent1 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 22, 2026, 10:13 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill claims nothing useful in its description but packages what appear to be sensitive Haitian government financial CSVs without instructions or justification — the contents and lack of scope are incoherent and warrant caution.
Guidance
This skill is suspicious because it includes two CSV files that look like detailed (and possibly sensitive) government financial records but provides no instructions or justification. Before installing: (1) Ask the author what the skill is supposed to do and why these files are bundled; demand a clear SKILL.md that limits data usage. (2) Verify provenance and legal authority to use these CSVs — treat them as sensitive until proven otherwise. (3) Do not allow the agent to access or transmit these files to external endpoints until you understand and approve the exact behavior. (4) Prefer a revised skill that either removes the files, replaces them with synthetic sample data, or documents explicit, minimal operations and privacy constraints. If the author cannot explain the files' presence and purpose, avoid installing the skill.

Review Dimensions

Purpose & Capability
concern: The skill name/description are empty/placeholder and do not explain why two large CSVs containing apparent government bank transactions and an account overview are bundled. There is no declared purpose that justifies including this sensitive financial data.
Instruction Scope
concern: SKILL.md contains no runtime instructions beyond the title. That means the agent has no explicit, constrained guidance for how to handle the included CSVs — allowing the agent to autonomously read, analyze, or transmit these files would be unconstrained and risky. The skill does not document what to do with the files or any data handling/privacy constraints.
Install Mechanism
ok: No install spec or code is present. This lowers execution risk because nothing is written or executed on install, but does not mitigate the risk from the bundled data files themselves.
Credentials
ok: The skill requests no environment variables, credentials, or config paths. There is no apparent request for unrelated secrets or external service credentials.
Persistence & Privilege
ok: The skill is not always-enabled and uses default invocation settings. It does not request persistent system modifications or access to other skills' configurations.