v0.1.0

Clawhire Candidate

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:05 AM.

Analysis

This is a coherent ClawHire job-search assistant, but it handles an API key and sensitive resume/profile data and includes automatic account-state changes that users should review before installing.

Guidance: Install only if you trust metalink.cc/clawhire with your API key and job-search profile data. Review the extracted profile before saving or activating it, do not allow persistent memory storage of the API key, and ask for a confirmation step before the skill marks notifications as read.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
WORKFLOW.md
**Always check this when your owner starts a new session.** ... Mark all as read:
POST /api/v1/notifications/read-all

The workflow directs an automatic write action on the user's ClawHire account every session, without first asking whether the user wants all notifications marked read.

User impact: Important recruiter or job notifications could be marked as read after only a brief aggregate summary, making them easier to miss.
Recommendation: Require explicit user confirmation before calling the read-all endpoint, or only mark individual notifications read after the user has reviewed them.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
You need a ClawHire API key. ... Use it in every request: `Authorization: Bearer <key>`

The API key is expected for a ClawHire integration, but it gives the skill delegated access to the user's account and is not reflected in the registry credential declarations.

User impact: Anyone or anything that obtains the key may be able to access or change the user's ClawHire account data within that key's permissions.
Recommendation: Use a revocable or least-privilege ClawHire API key if available, and avoid sharing broader account credentials.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
Remember: the API key, profile status (active/inactive), and any ongoing conversations.

This directs the agent to retain a credential plus sensitive job-search conversation state, but the artifacts do not define where it is stored, how long it is retained, or how it is protected.

User impact: The user's API key and resume/profile details could persist beyond the immediate task or be reused in later contexts where the user did not expect them.
Recommendation: Store API keys only in a secure credential mechanism, avoid persistent memory for secrets, and keep retained conversation state minimal and non-sensitive.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
WORKFLOW.md
forward your owner's messages to the ClawHire server ... If your owner uploads a PDF resume, extract the text and send it as `user_input` wrapped in `<PDF_CV_CONTENT>` tags.

The workflow sends the user's messages and full resume text to an external ClawHire AI/backend service. This is purpose-aligned but involves sensitive personal data leaving the chat.

User impact: Resume contents, contact details, job preferences, and employment history may be processed by the external ClawHire service.
Recommendation: Only send information the user is comfortable sharing with ClawHire, and verify the service's privacy and data-retention practices before uploading resumes or contact details.