ProClaw HumanOS Ultimate(专业人物技能分析与构建)
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users may treat personality, career, or hiring-style recommendations as validated predictions when the artifacts do not substantiate those performance claims.
The README advertises quantified accuracy/precision for career and talent decisions, which could make users over-trust outputs that affect important life or organizational choices.
Career Decision: Map your cognitive style to career paths with 70%+ accuracy ... Talent Matching: Predict candidate-job fit with 80%+ precision
Treat outputs as exploratory or creative guidance, not evidence-based career, hiring, clinical, or psychological assessment.
The skill may produce authoritative-looking path, growth, or career recommendations that are not actually derived from validated user data.
The path-affinity logic explicitly generates random scores, while the skill presents path mapping and recommended journeys as personality-analysis results.
# 简化处理:随机生成亲和度分数 np.random.seed(hash(path_name) % 2**32) affinity_score = np.random.uniform(0.5, 0.95)
Clearly label these scores as simulated examples, or replace random scoring with transparent, validated calculations before relying on the results.
Users could mistake simulated neural-network metrics and evolution predictions for real model training or validated forecasting.
The neural-network training metrics are simulated with random values, yet the skill describes evolution tracking and prediction outputs.
# 简化处理:仅模拟训练过程 epoch_loss = np.random.uniform(0.1, 0.5) epoch_accuracy = np.random.uniform(0.6, 0.9)
Do not present simulated training accuracy, loss, or future predictions as empirically reliable; add prominent limitations in generated reports.
Running the skill may execute local Python code, perform network research, and write generated files.
The skill instructs the agent/user to run bundled Python scripts. This is central to the stated purpose, but it is still local code execution with user-supplied arguments and file outputs.
python scripts/research_orchestrator.py --os-type <type> --target <target> --output-dir ./output/<target> --mode network
Run it only from a trusted copy, preferably in a project directory or isolated environment, and inspect generated files before using them.
If the user installs dependencies manually, package versions may vary and come from the user’s configured package index.
The skill declares external Python dependencies with lower-bound versions and no install spec. This is common for script-based skills, but users should manage dependency provenance.
dependency:
python:
- requests>=2.28.0
- beautifulsoup4>=4.11.0
- numpy>=1.21.0Use a virtual environment, pin exact dependency versions where possible, and install from trusted package sources.
Personal details used for personality modeling may remain in local JSON files, generated reports, or generated skill files.
The workflow processes personal profile and scan data, and other steps generate persistent reports and models. This is expected for personality analysis, but the data may be sensitive.
python scripts/personality_modeler.py --prototype prototype.json --scan scan.json --personal personal.json
Avoid unnecessary sensitive personal information, store outputs in a controlled folder, and delete generated files when no longer needed.
A generated skill may carry forward inaccurate, biased, or unsafe instructions from source material into future agent behavior.
The workflow can turn researched content into a generated SKILL.md. This is purpose-aligned, but retrieved or local source material can become persistent agent instructions if not reviewed.
6维并行调研 ... --mode network ... HumanOS构建 ... --output ./output/<target>/SKILL.md
Review generated SKILL.md files for prompt-injection-like instructions, unsafe tool use, and misleading claims before installing or sharing them.