Plugin v1.0.1.0

ClawScan security

Summitentertainmentcenter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Apr 24, 2026, 8:50 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The package is internally inconsistent: the skill's name/description suggest an entertainment capability but the bundle contains marketing assets for a sovereign govtech product, the runtime SKILL.md provides almost no instructions, and a prompt-injection signal (unicode-control-chars) was detected — this combination is suspicious and worth clarifying before use.
Guidance
This package is suspicious because its name/description don't match the files it contains and the SKILL.md is essentially empty. Before installing or enabling it:
(1) Ask the publisher to explain the intended purpose and to correct the name/description so it matches the content.
(2) Request a proper SKILL.md that explicitly states runtime behavior and shows any external endpoints the agent should contact.
(3) Have the publisher remove any hidden Unicode control characters and provide a plain-text diff showing what changed.
(4) If you already downloaded the package, examine the files locally (do not paste them into a public model) and scan for hidden/control characters and unexpected metadata in images (EXIF/XMP can contain external URLs).
(5) Do not grant elevated or cross-service credentials or enable autonomous invocation for this skill until the above is resolved.
If the author cannot provide a clear, legitimate explanation for the mismatch and the hidden characters, avoid installing the skill.
Findings
[unicode-control-chars] unexpected: Hidden unicode control characters were detected in SKILL.md (prompt-injection pattern). For an instruction-only marketing asset this is unexpected and could be an attempt to hide text or influence downstream parsers or LLMs. Recommend the author remove/normalize control characters and explain why they were present.

Review Dimensions

Purpose & Capability
concern
Name and description (Summitentertainmentcenter / summitentertainmentstudios) do not match the delivered artifacts, which are social-media marketing copy and images for a GovTech product called 'Quantum Sovereign Command' (targeting Haitian governance / IBM Cloud). This mismatch is incoherent: either the registry metadata is wrong or the package is mislabeled.
Instruction Scope
concern
SKILL.md contains only a title and a single token of text and gives no runtime instructions. The pre-scan flagged unicode-control-chars (a prompt-injection pattern) in the SKILL.md content — hidden control characters can be used to manipulate models or tooling. The included files (text and PNGs) contain metadata (C2PA / XMP entries referencing PKI endpoints) but there are no instructions telling an agent to read or transmit them; however the presence of hidden characters increases risk and ambiguity.
Install Mechanism
ok
No install spec and no code files are present (instruction-only). That is the lowest install risk: nothing will be written/executed during install.
Credentials
ok
The skill requests no environment variables, no binaries, and no config paths. There are no credential requests, which is proportionate for a package that appears to be a static content bundle / marketing assets.
Persistence & Privilege
ok
Flags are default (always: false, user-invocable: true, autonomous invocation allowed). The skill does not request persistent or elevated privileges and does not modify other skills or system configuration.