v1.0.0

Linkedin Profile Optimizer

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 1:36 AM.

Analysis

This is an instruction-only LinkedIn profile coaching skill with no code or credential requirements, but users should keep profile data and any LinkedIn account actions under their own control.

GuidanceThis skill appears appropriate for drafting LinkedIn profile improvements. Use it by pasting only the profile and career details you are comfortable sharing, verify all claims before publishing, and do not authorize it to log into LinkedIn, send messages or connection requests, make purchases, or handle crypto assets without separate explicit review.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityLowConfidenceMediumStatusNote

capability signals

- crypto
- can-make-purchases

These signals are not explained by the LinkedIn profile-writing purpose. The artifacts do not include code, credentials, or instructions that actually perform purchases or crypto actions, so this is a user-notice item rather than a material tool-misuse concern.

User impactIf the broader agent environment has transaction-capable tools, users should not let this skill use them for purchases, subscriptions, or crypto activity.

RecommendationUse this skill for drafting and analysis only; require explicit user approval for any LinkedIn account action and do not grant purchase or crypto permissions for this task.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

metadata

Source: unknown
Homepage: none

The skill has limited provenance information. Because it is instruction-only with no install spec or code files, the supply-chain risk is limited, but users have less publisher context to evaluate.

User impactUsers cannot easily verify the author's background or project homepage before trusting the advice.

RecommendationReview the instructions and generated profile claims carefully before applying them publicly.

Human-Agent Trust Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

Acts as a profile strategist who has reviewed thousands of profiles

The skill uses an authority-style persona claim to frame its recommendations. This is common in advisory skills, but users should not treat it as independently verified expertise.

User impactUsers may over-trust optimization claims or make public profile changes without checking accuracy and tone.

RecommendationTreat the output as draft marketing advice; verify all claims, metrics, credentials, and positioning before publishing.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

SKILL.md

> Audit my LinkedIn profile: [paste headline + About + last 2 roles]

The skill asks users to place professional profile and employment details into the conversation context. This is necessary for the stated purpose, and the artifacts do not show persistent memory or reuse across tasks.

User impactProfile text, role history, job-search positioning, and business targeting details may be sensitive even if they are partly public on LinkedIn.

RecommendationPaste only the profile and career details needed for the rewrite, and remove private contact details, confidential employer information, or unreleased business plans.