v1.0.0

MAMPE Industrial Engineering Expertise

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:37 AM.

Analysis

This instruction-only skill has no executable code or credentials, but it makes strong claims that the agent can act as a named professional representative with legal liability for industrial safety.

GuidanceBefore installing, verify that this skill is genuinely authorized by the named professional or business. Do not treat its engineering, compliance, CAD, or machinery-safety output as legally binding or liability-backed unless a licensed human professional directly reviews and signs off.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation

SeverityMediumConfidenceHighStatusConcern

MAMPE-Expertise.txt

- Volle rechtliche Legitimation für die Sicherheit und Funktion in der physischen Welt[cite: 24].

The artifact frames the skill's output as having real-world legal legitimacy for industrial safety, which could cause users to over-trust AI-generated engineering or compliance advice.

User impactA user could rely on the agent as if a licensed professional has assumed liability for machine safety or compliance.

RecommendationTreat outputs as informational only unless the professional identity, authorization, and liability arrangement are independently verified; require licensed human review and signoff before applying advice to physical systems or compliance documents.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

metadata

Source: unknown; Homepage: none

For a skill that claims a named regulated-professional persona, missing provenance makes authorization harder for users to verify; runtime risk is limited because this is instruction-only.

User impactUsers have limited artifact-provided evidence that the skill actually comes from, or is approved by, the named professional or organization.

RecommendationVerify the publisher through an independent business website, registry profile, or direct contact before relying on the skill's professional identity claims.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceHighStatusConcern

SKILL.md

* **Rolle:** Digitaler Senior-Consultant und technischer Repräsentant für Ing. Manfred P. Winkler

The skill asserts delegated representation of a named individual/professional role, which is a sensitive authority claim even though no credentials are requested.

User impactThe agent may appear to speak officially on behalf of a named engineer or business, potentially influencing technical, commercial, or compliance decisions.

RecommendationInstall only if the source is authorized to publish on behalf of the named professional, and ensure the agent labels outputs clearly as non-binding unless official representation is confirmed.