Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
职场罗盘 (Career Compass): for candidates preparing for interviews and researching a company's background, plus mock interviews; Your Guide for Interview Prep, Company Research, and Mock Interviews
v1.0.0 职场罗盘 by Barry — a one-stop job-search assistant Skill. It integrates four modules: resume parsing and optimization, company research (employment-oriented), same-city job search, and mock interviews. Given personal information or a resume, it automatically generates resume improvement suggestions, a company research report, and a job application form, and can run a mock interview.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The high‑level purpose (resume parsing, company research, job search via BOSS, mock interviews) matches the included modules (pdf-tool, employment-company, interview-simulator, boss-cli). Requiring a BOSS CLI and PDF tools is reasonable for same‑city job search and PDF resume parsing. However, the README/SKILL.md repeatedly claims only read‑only BOSS usage, while the included boss-cli package appears to implement additional interactive commands (e.g., greet/chat/batch-greet) referenced in tests/CLI help — a mismatch between the 'read-only' claim and the underlying package capabilities.
Instruction Scope
Runtime instructions include running local PDF tools (pdftotext, tesseract) on user-supplied file paths — expected for parsing — but the bundled boss-cli contains code to extract browser cookies, access platform keychains, and persist credentials to ~/.config/boss-cli/credential.json. The SKILL.md and README mention local cookie usage, but the skill gives broad triggers to activate and will prompt to run 'boss login' which can attempt local browser cookie extraction or QR login. The skill's instructions do not clearly warn users about these file and credential accesses and the presence of commands that could perform actions beyond read-only queries.
Install Mechanism
There is no platform install spec, but SKILL.md contains an install script that runs pip/pipx/uv to install 'kabi-boss-cli'. Installing a third‑party package from PyPI (or via 'uv tool install') is common but carries moderate risk: the script auto-invokes package installation, and the platform may run the SKILL.md install step automatically at install time. The script does not pin the package to a trusted release host or a signed artifact, and no lockfile is enforced — reasonable, but worth auditing before running.
Credentials
The skill declares no required environment variables, but boss-cli supports a BOSS_COOKIES env var as a fallback and will read/write credential.json in the user's config directory. The skill will therefore access sensitive local artifacts (browser cookie DBs, platform keychains) to obtain session cookies. Those capabilities are relevant to the 'search BOSS' feature, but they are sensitive and more intrusive than typical resume-parsing skills. The SKILL.md does not require credentials but the package behavior implies optional credential exfiltration risk if misused.
Persistence & Privilege
The skill is not marked always:true and does not request elevated platform privileges. The bundled CLI persists session cookies to ~/.config/boss-cli/credential.json (with 0o600 file mode) and may auto-refresh cookies, which is expected for a CLI that interacts with a web service. That persistence is reasonable for usability but increases the blast radius if the installed package or environment is compromised.
What to consider before installing
This skill appears to implement the features it advertises, but it bundles a third‑party 'boss-cli' that will attempt to extract browser cookies, interact with platform keychains, and save session credentials locally. Before installing or auto-running the included install script:
1) Review the boss-cli code (or install it manually) and confirm you trust the package source ('kabi-boss-cli');
2) Do not run the install script automatically in a sensitive environment — prefer manual installation inside an isolated environment (virtualenv or disposable VM);
3) Be cautious about running 'boss login' or setting BOSS_COOKIES — those expose your BOSS (zhipin) session cookies;
4) If you only need resume parsing or mock interviews, you can avoid installing boss-cli and instead paste resume text or use the prompt‑only interview simulator;
5) If you proceed, monitor ~/.config/boss-cli/credential.json and remove saved credentials when done.
If you want, I can list the exact files and code locations that handle cookie extraction and credential persistence so you can inspect them more easily.
Like a lobster shell, security has layers — review code before you run it.
Version: latest (vk971bff9wb15r2j3j20bz0d7ex83stj4)
