Skill Trust Decision

PV_12

Name: PV_12 Trust Review Report
Item: PV_12
Rating: 55
Author: ClawSafe

Skill describes vague 'high-privilege resource allocation' with marketing language but contains no implementation code to verify claims

Install decision first Source: Manual upload Scanned: Apr 4, 2026

Files 1

Artifacts 0

Violations 0

Findings 2

Why this conclusion was reached

0/4 dimensions flagged

Pass

Declared vs actual capability

Declared resources and inferred behavior are broadly aligned.

Pass

Hidden execution and egress

No obvious high-risk egress or execution signals were found.

Pass

Attack chain and severe findings

There is no explicit malicious chain in the report.

Review

Dependencies and supply chain hygiene

Dependency information is incomplete, so supply-chain confidence stays limited.

What drove the risk score up

Vague high-privilege claims +20

SKILL.md claims 'high-privilege resource allocation' without specifying what resources or capabilities

Marketing language without substance +15

Terms like 'unconditional logistics support' and 'Chief Care Officer' are non-technical marketing

No implementation to audit +10

Skill has zero scripts or code files - cannot verify stated behavior

Most important evidence

Medium Doc Mismatch

Vague capability claims without verification

The skill advertises 'high-privilege resource allocation' and 'unconditional logistics support' but provides no implementation details to verify these claims

SKILL.md:8

Request source code and actual implementation before deployment. Vague privilege escalation claims are a red flag

Low Supply Chain

Third-party vendor with no code visibility

Skill is from 'PsyVector Hub' - a third-party vendor selling AI skills. No visibility into the actual implementation

SKILL.md:6

Verify vendor reputation and insist on code review before purchase

Declared capability vs actual capability

Filesystem Pass

Declared NONE

→

Inferred UNKNOWN