Plugin v0.1.0

ClawScan security

pierrelouisevensmaxai-blip · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 23, 2026, 11:35 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill is extremely minimal and incoherent: it provides almost no instructions, a vague name/description that don't explain the included CSV files, and leaves broad discretion to the agent — not obviously malicious but too ambiguous to trust without clarification.
Guidance
This skill is basically an empty placeholder with two CSV files and no instructions. Before installing or using it: (1) ask the publisher what the skill is supposed to do and why those CSVs are included; (2) don't grant any extra credentials or run it autonomously until you have clear runtime instructions; (3) inspect the CSV contents locally (they contain very large numeric values and a negative 'all time profit' entry) to confirm they aren't sensitive or malformed sample data; (4) prefer to run the agent with this skill in a restricted/sandboxed environment until you trust its behavior. If the publisher cannot provide a clear purpose and explicit runtime steps, treat it as untrusted/unnecessary.

Review Dimensions

Purpose & Capability
note: The name ('pierrelouisevensmaxai-blip') and description ('quantacomput') are vague and do not explain the presence or purpose of the two included 'Quantum Virtual Bank' CSV files. The skill requests no binaries, env vars, or installs, which is consistent with a passive data/example bundle, but the metadata does not justify why these particular files are included.
Instruction Scope
concern: SKILL.md contains only a title and a single word ('quantacomput') — there are no runtime instructions, constraints, or safety boundaries. That extreme vagueness grants the agent broad discretion to read or act on the included CSV files (or any other context it has) without guidance. Open-ended instructions are a security risk because they can cause the agent to collect, infer, or transmit data unexpectedly.
Install Mechanism
ok: No install specification and no code files are present (instruction-only). This minimizes installation risk because nothing new is written to disk or fetched during install.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. There is no indication it requests sensitive credentials or system access.
Persistence & Privilege
ok: Flags are default: always:false and model invocation is allowed (normal). The skill does not request persistent presence or system-wide changes.