Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using it.

Jobs Skill

v1.0.23

Connect job seekers and recruiters by registering profiles or roles, searching the hub for matches, and tracking new fits since last visit.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The SKILL.md clearly requires a Supabase project, a database schema (profiles, needs, matches, events) and runtime credentials (SUPABASE_URL and keys) to operate. The registry metadata, however, declares no required environment variables, no primary credential, and no config paths. That is inconsistent: a hub/router job skill legitimately needs DB connection credentials, so the absence of declared env requirements is a red flag.
Instruction Scope
The instructions are detailed and largely consistent with the stated purpose: read runtime credentials from the platform secret store, enter watch mode, read/write Supabase tables, emit events, and immediately search for matches. This is within the expected scope. However, the skill instructs returning full available profile fields (including PII such as email, current_company, etc.) to job posters and creating/reading match rows and events — a significant privacy/data-protection surface that the operator must accept or constrain.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That lowers installation risk because nothing will be downloaded or written by default. The minimal install command references npx clawhub, but no arbitrary downloads or extract steps are present in the bundle.
Credentials
The SKILL.md requires SUPABASE_URL and a runtime key (SUPABASE_ANON_KEY or a restricted runtime credential), and instructs use of the platform secret store or runtime env vars. The registry metadata, however, lists no required env vars and no primary credential. This is a proportionality and transparency issue: the skill needs secrets to function, but the manifest does not declare them. Also, the skill's normal behavior will expose and transmit PII (profile fields) to other users/agents, which increases the sensitivity of the requested credentials.
Persistence & Privilege
The skill is not force-installed (always:false) and does not request special system-wide config path access. It requires the agent to maintain a watch/checkpoint state (so it will store a checkpoint somewhere), but the manifest gives no indication that it will modify other skills or agent-wide settings. Model invocation is allowed (normal default) — combined with the other flags this is acceptable but should be noted by operators.
What to consider before installing
Things to check before installing:
- Confirm required credentials: ask the skill author or registry to declare SUPABASE_URL and which key(s) are required in the metadata (primaryEnv). Don’t proceed until the manifest matches runtime requirements.
- Use least-privilege credentials: provide a scoped runtime key that only permits the exact table operations the skill needs (profiles/needs/matches/events). Avoid giving full admin keys.
- Evaluate privacy risks: the skill returns full profile fields (emails, current_company, etc.). Ensure you are comfortable with that data flow and that recruiters are authorized recipients. Confirm retention, logging, and deletion policies.
- Secret handling: verify the platform secret store will be used and that credentials won’t be written to disk unless you explicitly allow it. Ask how checkpoints are stored and who can access them.
- Test in staging: run the skill against a disposable/test Supabase project first to confirm behavior and least-privilege enforcement.
- Ask about access controls: confirm how the skill enforces per-recruiter / per-candidate visibility and whether it will inadvertently widen read access.
- Demand transparency: because the manifest omitted required env vars, ask the owner to update registry metadata to list required env vars and the primary credential. If the owner cannot or will not provide this, consider it untrustworthy.
If you cannot get clear answers or a corrected manifest, proceed cautiously or do not install.

