ClawHub
Back to skill
v1.0.0

Technical Writer

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:34 AM.

Analysis

The skill appears purpose-aligned for generating technical writing career roadmaps, but users should notice that it asks for personal career assessment details and has limited source provenance.

GuidanceThis skill looks benign and coherent for career roadmap generation. Before using it, be mindful that the roadmap request may include personal career history, goals, skills, session IDs, and an optional user ID; share only what is necessary and verify the publisher or service provenance if privacy matters to you.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
metadata
Source: unknown; Homepage: none

The artifacts do not identify a public source or homepage for the skill/API operator. This is not evidence of malicious behavior, but it limits provenance and trust context.

User impactUsers have less information about who maintains the skill or operates the related service before sharing personal career details.
RecommendationVerify the publisher or service provenance before entering sensitive personal or professional information.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
openapi.json
"RoadmapRequest": { "properties": { "assessmentData": { "$ref": "#/components/schemas/AssessmentData" }, "sessionId": { "type": "string" }, "userId": { ... }, "timestamp": { "type": "string" } }

The roadmap endpoint is designed to receive user assessment data plus session and optional user identifiers. This is expected for personalization, but it is still personal/professional data that users should intentionally share.

User impactA user may provide career history, goals, skills, session IDs, and possibly a user ID to the roadmap service.
RecommendationOnly provide information needed for the roadmap, avoid unnecessary identifying details, and confirm the service operator and privacy handling if the data is sensitive.