Back to skill

Security audit

Offer 助手

Security checks across malware telemetry and agentic risk

Overview

This job-search assistant is coherent, but it automatically stores sensitive resume and interview information in persistent Feishu/cloud documents without clear consent, retention, or sharing controls.

Install only if you are comfortable with the assistant processing resumes, job descriptions, interview notes, and application history. Before using it, confirm where Feishu documents are created, who can access the destination folder, whether network lookups are allowed, and how stored resume materials and interview records can be deleted or kept local.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (11)

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The instruction to open user-supplied links with tools or web access can enable server-side request forgery style behavior, retrieval of internal-only resources, or access to attacker-controlled content that triggers downstream processing. In a resume assistant, fetching arbitrary URLs is not inherently required unless constrained, so the skill context makes unrestricted link access more dangerous rather than less.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill states that resume-derived materials are kept permanently, but resumes contain highly sensitive personal and employment information. Without explicit retention, deletion, access-control, and storage-transparency warnings, users may unknowingly expose long-lived personal data that could be leaked, reused improperly, or retained beyond their expectations.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill advertises online company-background lookups during JD analysis but does not warn users that job descriptions, links, or related context may be sent to external services. This can unintentionally disclose sensitive job-search activity, employer targets, or embedded personal information to third parties without informed consent.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list uses broad phrases like '生成', '出 PDF', and '做一份', which can cause the agent to launch resume-generation actions from ambiguous user input. In this skill, those actions may process personal resume data and create output files automatically, so overbroad activation increases the chance of unintended data handling or side effects without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The guide instructs the agent to automatically create a Feishu document from extracted resume contents, which likely includes sensitive personal data such as work history, education, and skills. Sending this data to an external platform without an explicit user-facing notice and consent step creates a real privacy and data-governance risk, especially because the behavior is automatic on file detection.

Missing User Warnings

Low
Confidence
84% confidence
Finding
Automatic JD analysis includes network retrieval of company information, meaning user-provided job descriptions, screenshots, or links may trigger outbound requests without clear disclosure. While this is less sensitive than exporting full resume content, it still creates transparency and privacy concerns and may expose browsing or application intent to external services.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The methodology instructs the agent to create and continuously append to a Feishu document containing JD text, analysis results, and interview records, but it does not require explicit user consent, disclose retention/sharing, or apply data minimization. Because interview notes and application materials can contain sensitive personal or employment-related information, silently persisting them to a third-party platform creates a real privacy and data-governance risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill processes highly sensitive personal data including names, phone numbers, email addresses, city, education, and work history, and explicitly directs downloading files to local temporary storage and extracting text. Without privacy notice, retention limits, or user consent language, users may unknowingly expose personal information to local/system processing, logs, or persistent storage.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly describes persistent storage of sensitive job-application and interview data, including employer names, interview notes, self-assessments, and timeline details, but provides no user notice, consent flow, retention limit, or privacy controls. This creates a real privacy and data-governance risk because users may not realize highly personal career data is being retained beyond the current session or written to a separate document.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script explicitly states that the agent should automatically trigger on detecting a JD, generate analysis, create a Feishu document, and move it into a specific folder, but it includes no user confirmation, preview, or opt-in step before performing those side effects. In an agent context, this can cause unwanted data persistence and disclosure of potentially sensitive job-search materials or scraped content to external systems without the user's explicit approval.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script describes an automatic workflow that extracts resume contents and creates/moves a cloud document containing personally identifiable information, but it does not mention explicit user consent, confirmation, destination verification, retention controls, or minimization. In the context of a job-assistant skill handling resumes, this increases privacy and data-governance risk because sensitive personal data may be uploaded to a third-party platform or stored in a shared folder without the user's informed approval.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
scripts/generate-pdf.js:59

Shell command execution detected (child_process).

Critical
Code
suspicious.dangerous_exec
Location
scripts/workflow.js:146