ClawHub

CyberSec Roadmap

v1.0.0

Generate personalized cybersecurity career roadmaps based on professional assessment data and individual goals.

0· 76·0 current·0 all-time
byToolWeb@krishnakumarmahadevan-cmd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description ('Cybersecurity Career Roadmap') align with the included OpenAPI and SKILL.md: endpoints are limited to /, /health, and /api/cybersecurity/roadmap for generating roadmaps. There are no unrelated requirements (no cloud creds, no system binaries), so the capability requested is proportionate to the described purpose. Note: the publisher/source is unknown and no homepage is provided, but that is a provenance concern rather than an internal incoherence.
Instruction Scope
SKILL.md contains API documentation, example request/response payloads, and usage/pricing information. It does not instruct the agent to read local files, inspect environment variables, modify system configuration, or send data to unexpected endpoints. The only external domain mentioned appears as informational branding ('toolweb.in') and is not used in runtime instructions.
Install Mechanism
No install spec and no code files that would be written to disk; the skill is instruction-only, which is the lowest-risk install model. There are no downloads, package installs, or extracted archives to review.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate to a simple API-description skill. Practical privacy note: the documented API accepts assessmentData that may include personal or sensitive career information — that is expected for the feature but users should avoid submitting unnecessary PII.
Persistence & Privilege
always is false and there is no indication the skill requests persistent system privileges or modifies other skills or system-wide config. Autonomous invocation (model invocation enabled) is the platform default and not a red flag here by itself.
Assessment
This skill appears internally consistent and low-risk: it only documents an API and requires no installs or credentials. Before you use it with real user data: (1) verify the service endpoint you will call (the skill includes OpenAPI but no verified hosting URL), (2) avoid submitting sensitive personal data or employer-confidential information when testing—use synthetic data first, (3) confirm pricing/account requirements if you plan production usage, and (4) prefer skills from known publishers or with a homepage/privacy policy if you need assurance about how submitted assessment data is stored or processed.

Like a lobster shell, security has layers — review code before you run it.

latestvk978gktm8w7mbpzvtvh0rgwvh583gdxp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments