Job-Hunter

Security checks across malware telemetry and agentic risk

Overview

This job-search CV skill is coherent, but it deserves review because it installs unpinned external code and handles sensitive resume data, API keys, scheduled automation, and Telegram delivery without enough safeguards.

Install only if you are comfortable reviewing or pinning the external CareerForge CLI before running npm install. Keep the workspace private, treat the Gemini API key like a password, avoid committing .env files, confirm Telegram recipients before enabling automation, and delete generated resumes/CVs and stored configuration when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 88%
Finding
The skill description is broad enough to trigger on many ordinary resume or job-search requests, which can cause the agent to invoke this skill in contexts where the user did not intend automation, local file creation, GitHub cloning, or CLI setup. In this skill, overbroad activation is more dangerous because invocation leads to collecting sensitive personal data and installing/running external tooling, increasing the chance of unnecessary exposure or unsafe actions.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to gather highly sensitive personal data including contact details, work history, education, and also an API key, but provides no privacy notice, data-minimization guidance, storage controls, or consent checkpoints. This is especially risky here because the workflow also writes files locally and integrates with external tools and messaging, creating multiple paths for accidental retention, leakage, or misuse of personal information and credentials.

Missing User Warnings

Medium
Confidence: 91%
Finding
The documentation explicitly states that tailored CV generation sends master resume content and job-description data to Gemini, but it does not warn users that this may transmit sensitive personal, employment, and application data to a third-party AI provider. In a job-search skill, that omission is materially risky because resumes often contain full names, contact details, employment history, and other personal data that users may not realize are being shared externally.

Missing User Warnings

Low
Confidence: 88%
Finding
The file documents storing an API key in an environment variable or .env file but does not tell users to keep the key secret, avoid committing .env files, or add them to .gitignore. This can lead to accidental credential exposure through source control, shared screenshots, copied files, or workspace leakage.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill documents sending job listings and generated CV PDFs to a Telegram group/user workflow without any privacy notice, access-control guidance, or warning that resumes may contain sensitive personal data. In this context, CVs commonly include full names, contact details, employment history, and other identifying information, so routing them through Telegram can expose personal data to unintended recipients, group members, or compromised accounts.

Missing User Warnings

Medium
Confidence: 93%
Finding
The configuration states that resume and job-processing features use external LLM providers and API keys, but it does not warn that user resumes, job descriptions, and derived profile data may be transmitted to third-party AI services. Because this skill handles highly personal employment data, omission of that disclosure can lead users to unknowingly send sensitive information outside their local environment and into external provider retention, logging, or training pipelines.

VirusTotal

66/66 vendors flagged this skill as clean.