Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
51mee Candidate Tracker
v1.2.0 Candidate tracking system. Trigger scenario: the user asks to manage a candidate pool, record status, set reminders, and generate tags.
by 51mee@51mee-com
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
Name and description match the SKILL.md functionality (add/update/query/remind/delete, dashboards, tags). However, the doc simultaneously claims 'data is automatically cleared when the session ends' and 'no sensitive candidate information is stored' while also supporting a 'long-term talent pool' and automatic reminders — it is unclear how persistent storage or reminders are implemented and where data is stored. This inconsistency between 'no persistent storage' and 'long-term talent pool / automatic reminders' is not justified by the instructions.
Instruction Scope
The SKILL.md provides detailed prompt templates and JSON schemas and claims to ignore instructions that attempt to modify system logic or delete records. Yet the skill explicitly supports a 'delete' operation. The document does not specify any input sanitization or how user-supplied candidate fields (notes/history) are handled, which creates a prompt-injection risk: user-controlled candidate data could contain instructions that the agent might follow despite the high-level 'ignore' rule. The reminders/auto-notifications mechanism is also unspecified (no target endpoints, scheduling mechanism, or delivery medium).
Install Mechanism
Instruction-only skill with no install spec, no code files, no downloaded artifacts and no required binaries — minimal installation footprint.
Credentials
No environment variables, credentials, or config paths are requested, which is proportionate to a local, instruction-only candidate tracker. (Note: the privacy claim about 'not sending to third parties' depends on platform enforcement and is not verifiable from the SKILL.md alone.)
Persistence & Privilege
The skill does not request 'always: true' and is not force-included. However, it makes claims about automatic data clearing and also about maintaining a long-term talent pool and generating automatic reminders — the runtime responsibilities (where and how data/reminders persist) are not defined. That unclear persistence model increases risk if you expect data to be transient.
What to consider before installing
Before installing, ask the skill author or provider for concrete details:
(1) Where and how is candidate data stored (in-memory only, local disk, external database, or third-party service)?
(2) How are automatic reminders implemented and delivered (local scheduler, email/SMS/API endpoints)? Ask for the exact endpoints or storage locations.
(3) How are candidate-provided text fields sanitized to prevent prompt injection or accidental execution of instructions embedded in notes/history?
(4) Clarify the apparent contradiction between 'data is automatically cleared when the session ends' and 'long-term talent pool / automatic reminders' — if the skill stores long-term records, what retention and access controls exist?
(5) If you will use real personal data, test the skill first with non-sensitive sample data and confirm it does not transmit data externally.
If these questions are unanswered or the provider can't show concrete storage/delivery details, treat the skill as unsuitable for sensitive candidate data.
Like a lobster shell, security has layers — review code before you run it.
