Security audit

Job Hunter

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent job-search assistant that stores CV/job-search data locally and uses web lookups for job boards, with no evidence of hidden submission, exfiltration, or destructive behavior.

Install only in a private workspace or agent profile, keep the data directory out of version control and shared sync folders, review config before scans, and avoid putting tokens or credentials in config.json. Expect job boards to see search queries derived from your configured roles, skills, markets, and salary preferences.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 88%

Finding
The activation rules are broad enough to trigger on general career-help or ambiguous job-related phrases, including receiving a CV with no context. Because the skill persists sensitive personal data and initiates job-search workflows, accidental activation could cause unintended local storage, analysis, or external browsing based on private user information.

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding
The skill directs storage of highly sensitive job-search data—raw CV, structured profile, application history, and seen-job records—without an upfront privacy warning. This is dangerous because the data can reveal identity, employment history, compensation targets, and job-seeking activity, all of which are sensitive and could harm the user if exposed on disk or synced/committed unintentionally.

Missing User Warnings

Severity: Low
Confidence: 79%

Finding
The workflow instructs the agent to fetch job-board and career-page content based on the user's profile and configured targets, but does not warn the user beforehand that their interests, seniority, technologies, and salary preferences may shape outbound queries. Even if only derived search terms are sent, this can leak sensitive intent and profile information to third-party sites and create an unexpected privacy exposure.

Missing User Warnings

Severity: Medium
Confidence: 92%

Finding
The script stores both the full raw CV text and a structured profile JSON to arbitrary filesystem paths, and the data includes highly sensitive personal information such as contact details, employment history, education, languages, and inferred professional profile data. In a job-hunting skill, this is especially sensitive because CVs are rich in PII, so writing them to disk without explicit consent, minimization, retention controls, or secure file handling increases the risk of accidental disclosure through shared directories, backups, logs, or later processing by other components.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.