Mechanic
ReviewAudited by ClawScan on May 10, 2026.
Overview
This vehicle tracker is mostly purpose-aligned, but it plans to create a recurring background cron job and store sensitive vehicle/insurance details, so users should review it before use.
Review the reminder setup carefully before installing. If you use the skill, confirm any cron job before it is created, keep the mechanic data folder private, and only store VIN, insurance, tax, or emergency information that you are comfortable keeping in the workspace.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A background reminder job could continue running after setup and periodically access or modify the mechanic data files unless the user knows how to disable it.
This indicates the skill may create a persistent background task. The reminder purpose is disclosed, but the artifacts do not specify the exact job, how it is approved, what it can invoke, or how the user can remove it.
On first use, the skill will: ... Set up a recurring cron job to check in
Before enabling reminders, require explicit user confirmation, show the exact cron entry, limit what it runs, and provide a clear disable/uninstall procedure.
The tracker can build a detailed local record of vehicles, costs, insurance, and travel/service patterns.
The skill stores persistent user data for reuse across tasks. The sample state also includes fields such as VIN, insurance provider, policy number, service providers, costs, and business-use information.
"state.json" | All vehicles: current mileage/hours, history, service records, fuel logs, warranties, providers, emergency info
Store only what you need, avoid adding unnecessary insurance or tax details, and keep the workspace data directory protected or encrypted if it contains sensitive information.
Your VIN may be shared with NHTSA or a related public recall endpoint when recall checks are performed.
Recall monitoring appears purpose-aligned, but it may involve sending a vehicle VIN to an external public API.
NHTSA recall monitoring — Checks for open recalls by VIN (free API)
Confirm when external VIN lookups occur and avoid entering VINs if you do not want them used for online recall checks.