v1.0.0

AIOT Engineer

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:34 AM.

Analysis

This skill appears to be a benign AIoT career-roadmap helper that sends user-provided career assessment details to a documented roadmap API, with no code, install steps, credentials, or local system access shown.

GuidanceThis looks safe to install as an instruction/API-description skill. Before using it, be mindful that the roadmap request may include career background, skills, goals, session IDs, timestamps, and optional user IDs, so avoid submitting confidential or unnecessary personal information.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceHighStatusNote

openapi.json

"/api/aiot/roadmap" ... "requestBody" ... "$ref": "#/components/schemas/RoadmapRequest" ... "required": ["assessmentData", "sessionId", "timestamp"] ... "userId"

The roadmap endpoint accepts user-provided assessment data plus session and optional user identifiers. This is purpose-aligned for personalization, but it is still a data-sharing flow users should understand.

User impactThe roadmap service may receive details about the user's experience, skills, goals, session ID, timestamp, and optional user ID.

RecommendationUse the skill with information you are comfortable sharing, and avoid including secrets, private employer data, or unnecessary personal identifiers in free-form assessment fields.