ClawHub

Entrepreneurship

v1.0.0

Generate personalized entrepreneurship career roadmaps based on user assessment data, skills, experience, and professional goals.

0· 29·0 current·0 all-time
byToolWeb@krishnakumarmahadevan-cmd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description (personalized entrepreneurship roadmaps) match the declared inputs (assessmentData, sessionId, userId, timestamp) and the provided OpenAPI schema. There are no unrelated credentials, binaries, or system paths requested.
Instruction Scope
SKILL.md and openapi.json only describe API endpoints and JSON payloads; they do not instruct the agent to read local files, environment variables, or system state. One gap: no base URL/host or authentication mechanism is provided for the API (the paths are shown as /api/...), so the skill as-distributed does not specify where requests are sent or how they are authenticated — this is a functional omission rather than a security red flag, but you should confirm the actual service endpoint and auth before sending user data.
Install Mechanism
Instruction-only skill with no install spec and no code files to write to disk. This is the lowest-risk install model.
Credentials
No environment variables, credentials, or config paths are required. The request/response model uses only sessionId/userId/timestamps and assessment data — expected and proportional for the stated purpose.
Persistence & Privilege
always is false and there is no install-time persistence; disable-model-invocation is false (default) which allows autonomous invocation but is standard. The skill does not request elevated or permanent system privileges.
Assessment
This skill appears coherent and low-risk, but before installing or using it: (1) confirm the real API host and authentication method (SKILL.md/openapi.json do not provide a base URL or auth), (2) avoid submitting sensitive PII or secrets to the service until you verify its operator, privacy policy, and data retention practices, and (3) prefer skills with a known source/homepage or documented SLA — the publisher here is unknown, so validate provenance if you will send user data.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ejd72xgj874zsszwp6mkt3h849b8s

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments