Inventory Reorder Calculator
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
This appears safe to use as a planning aid. Treat its reorder quantities as decision support rather than automatic purchasing instructions, verify the assumptions against your own sales and supplier data, and inspect the original SKILL.md if you are concerned about the Unicode-control-character signal. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user should know there was a text-obfuscation signal, but there is no artifact-backed evidence that the skill would misuse tools, credentials, or data.
Unicode control characters can be used to disguise or reorder text, so the signal is worth noting even though the visible skill content does not show deceptive instructions or unsafe behavior.
Pre-scan injection signals ... unicode-control-chars
Use the neutralized/rendered content for review, and avoid installing if the original file displays unexpected hidden or reordered text.