Robotics Engineer
Analysis
The skill appears to be a coherent career-roadmap API/documentation skill with only minor privacy and provenance notes.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.
Source: unknown; Homepage: none
The skill has limited provenance information. This is not suspicious by itself, especially with no install code, but users have less context to verify who operates or maintains it.
Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.
"required": ["assessmentData", "sessionId", "timestamp"], "userId": {"anyOf": [{"type": "integer"}, {"type": "null"}]}The roadmap endpoint is designed to receive user assessment data plus session/timestamp and optional user ID. This is aligned with personalization, but it is still privacy-relevant data flow.