ClawHub

Jd Writer

Security checks across malware telemetry and agentic risk

Overview

This looks like a mostly local job-description helper, but it includes an extra script that silently saves user prompts to a local history file and is not clearly disclosed.

Review before installing. Prefer the documented Python JD workflow, avoid putting confidential hiring drafts or proprietary text into scripts/script.sh, and check or delete the local jd-writer history file if that script is used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The script presents itself as a simple content-writing helper, but it silently stores user-supplied prompts in a local history file via `_log`. That hidden persistence can expose sensitive or proprietary content ideas, drafts, or campaign data to other local users, backups, or later compromise, especially because the help text does not disclose this behavior.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The description includes very broad trigger guidance such as "Use when you need jd writer capabilities" and "Triggers on: jd writer," which can cause the assistant to invoke the skill in situations where the user did not explicitly request it. In a hiring context, unintended activation could expose user-provided hiring data to the skill or cause the model to steer normal conversation into tool usage without clear consent.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
User input is appended directly to a local history file without any warning, consent, or privacy controls. Even though this is local-only, prompts may contain confidential marketing plans, unpublished content, customer information, or credentials accidentally pasted by users, making the undisclosed logging behavior a real privacy and security issue.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal