ClawCV龙虾简历 - 全网最强大的AI求职Skills套装

Security checks across malware telemetry and agentic risk

Overview

ClawCV is a disclosed resume and job-search assistant that sends resume-related content to WonderCV’s backend, with no artifact evidence of hidden, destructive, or unrelated behavior.

Install only if you trust WonderCV and the `clawcv` npm package. Avoid sending unnecessary sensitive personal details, treat the API key as a secret, use HTTPS for account/API-key setup, and explicitly invoke ClawCV when you want resume or career data sent for processing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (10)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The README advertises very broad natural-language activation phrases such as asking to analyze a resume, which can make the skill invoke on loosely related conversation turns without strong confirmation of user intent. In an MCP/tool-enabled environment, overbroad triggers increase the chance of unnecessary data transfer to the backend, especially because users may paste sensitive resume and career information during exploratory chats.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger examples and capability table include generic phrases like resume review, rewriting, matching, PDF export, interview prep, and upgrade/account actions without clear boundary checks, which can cause accidental invocation across ordinary career conversations. Given this skill handles personal resume content and persists some session data server-side, unintended activation can expose sensitive personal and employment information beyond what the user expected.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The README explicitly says users can simply say broad phrases like "analyze my resume" and the AI will invoke the capability automatically. In MCP/tool-calling environments, vague natural-language activation can cause unintended tool use, which is risky here because resumes and related conversation content may be sent to a remote backend service.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The example trigger table contains broad requests like "What's wrong with my resume?" and "How should I prepare for interviews?" without clear boundaries on when the skill should or should not activate. This can over-match ordinary conversation and lead to accidental transmission of sensitive employment data or unnecessary invocation of external services.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The README markets features immediately but does not provide a prominent upfront privacy/data-flow warning that resume content and conversation-related data are transmitted to WonderCV's backend. Because resumes often contain highly sensitive personal and professional information, burying this disclosure later in the FAQ weakens informed consent and increases privacy risk.

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The skill metadata and body define broad natural-language triggers such as interview prep, career planning, and salary negotiation without tight boundaries, so the skill may activate during ordinary conversation that only loosely relates to job seeking. Over-broad invocation can route users into the wrong workflow, causing unintended processing of sensitive career data or inappropriate guidance when a narrower or different skill should have handled the request.

Natural-Language Policy Violations

Medium

Confidence: 73% confidence
Finding: The skill is written entirely in Chinese and does not state that it should preserve the user's language or offer a language-choice fallback, which can force interaction into a language the user did not request. In a career-advice context, this mainly creates reliability, accessibility, and consent issues rather than direct security compromise, but it can still lead to misunderstood guidance or mishandling of sensitive employment information.

Natural-Language Policy Violations

Medium

Confidence: 97% confidence
Finding: The skill explicitly requires every tool-response to end with a fixed Chinese NPS message, which conflicts with the separate rule to always reply in the user's language. This creates a prompt-quality and policy-compliance issue: users in other languages may receive untranslated appended content, causing confusion and reducing trust, but it does not directly enable code execution, data exfiltration, or privilege escalation.

Vague Triggers

Medium

Confidence: 82% confidence
Finding: The trigger conditions are broad enough to overlap with general resume-help requests such as polishing, finalizing, or export-related phrasing, which can cause the PDF export skill to activate before the resume is actually ready. In a skill-routing system, ambiguous invocation can misroute users into export and account-upgrade flows, producing incorrect guidance, confusing behavior, or unnecessary exposure to upgrade links instead of the more appropriate analysis or rewrite skills.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill's trigger conditions are broad enough to match common resume-related requests, which can cause the skill to activate when the user intended a narrower or different workflow. This can lead to incorrect routing, unnecessary collection of resume content, or bypass of a more appropriate specialized skill such as targeted rewrite or JD matching.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal