ClawHub
Back to skill
v1.0.0

Full Stack Developer

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:04 AM.

Analysis

This looks like a simple career-roadmap API skill, with the main caution that it sends career/profile details to a not-fully-identified provider.

GuidanceThis skill appears safe for its stated purpose of generating full-stack developer career roadmaps. Before using it, confirm you trust the provider and avoid entering sensitive work history, client names, private project details, or other information you would not want processed by an external API.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
metadata
Source: unknown
Homepage: none

The registry does not identify a source repository or homepage, which is a provenance gap even though there is no installable code or dependency chain in this artifact set.

User impactUsers have less information for verifying who operates or maintains the API before sending data to it.
RecommendationVerify the provider and privacy terms before using the skill with real personal or organizational career data.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
SKILL.md
"assessmentData": { "experience": { "yearsInTech": 2, "previousRoles": ["Junior Developer", "QA Engineer"], "industryBackground": "Financial Services" }, "skills": ..., "goals": ..., "sessionId": "sess_abc123def456" }

The skill is designed to send user career profile details, skill inventories, goals, and session identifiers to a roadmap-generation API. This is purpose-aligned, but it is still user profile data.

User impactCareer history, skills, goals, and identifiers may be processed by the external service when generating the roadmap.
RecommendationAvoid including sensitive employer, project, client, or personal details unless you trust the provider and understand its data handling practices.