Vietnam Fullstack Jobs
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This looks like a straightforward job-search helper, but it relies on Firecrawl, a Firecrawl API key, and a separate helper skill that are not fully declared in the metadata.
Before installing, make sure you trust and have separately reviewed the required firecrawl-search skill, and use a dedicated Firecrawl API key because this skill will automatically make external search and scrape requests when invoked.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Invoking the skill may consume Firecrawl API quota and make requests to the listed job sites automatically.
The skill will trigger multiple Firecrawl-backed search and scrape commands without an extra prompt once invoked. This is aligned with its job-search purpose, but users should expect external API/network usage.
Run all search queries automatically, without asking for confirmation.
Use it when you intend to run those searches, and monitor Firecrawl usage or ask your agent to confirm before running if you want tighter control.
A Firecrawl API key may be used and billed according to the provider account tied to that key.
The skill requires a provider API key, which is sensitive credential material. This is expected for Firecrawl use, but it is not declared in the registry requirements.
Requires firecrawl-search skill and FIRECRAWL_API_KEY env var.
Use a dedicated, revocable Firecrawl key if possible, keep it out of prompts and outputs, and rotate it if you suspect exposure.
The actual runtime behavior also depends on the separately installed firecrawl-search skill, which was not reviewed here.
The skill depends on executable scripts from a separate firecrawl-search skill that are not included in this artifact set or installed by this package.
python3 skills/firecrawl-search/scripts/search.py ... python3 skills/firecrawl-search/scripts/scrape.py ...
Install firecrawl-search only from a trusted source and review its scripts and credential handling before using this skill.