Not sure if this is the right place to post this but I'm looking for a checklist that covers pentesting robots. These robots do literal heavy lifting of packages and are controlled via a web app and some APIs. So I'm planning to approach this activity as testing another web app and APIs but I'm concerned about the hardware exploits.
What should I be looking for in the hardware aspect and is there a checklist available for my requirement? Also if there are more things to going about this activity please bring them to my attention. Any help is much appreciated.