Job Search Tracker

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed job-search helper that stores tracker data locally and optionally uses connected Gmail, LinkedIn, browser, and web-search tools for job-search tasks.

Install only if you are comfortable with an assistant using any Gmail, LinkedIn, browser, or web-search tools you have connected for job-search tasks. For lower exposure, use tracker-only mode by not connecting Gmail or LinkedIn; the local tracker still works.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
89% confidence
Finding
The skill description says LinkedIn lookups are optional and user-mediated, but the body instructs the assistant to proactively perform LinkedIn and fallback web research during ordinary workflows such as adding applications or interview prep. That mismatch can cause the assistant to access external services and gather third-party data without a clear, per-action user request, undermining informed consent and violating least-privilege expectations.

Intent-Code Divergence

Medium
78% confidence
Finding
The privacy section narrowly claims the skill does not persist anything outside the working directory, yet the workflow explicitly uses browser automation, LinkedIn, Gmail, and web search tooling. Even if the skill itself does not write files remotely, those external services and tools may log queries, page visits, and retrieved data, so the statement is materially incomplete and may mislead users about where their sensitive job-search information can flow.

VirusTotal

63/63 vendors flagged this skill as clean.
