Tamar Resume Tailor

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Tamar resume-tailoring integration, but users should understand that resume and job data are sent to an external service.

Install only if you are comfortable sending your resume, job descriptions, profile information, and feedback to Tamar through its CLI/API. Use a revocable API key, avoid pasting secrets into chat or screenshots, confirm the exact files and text before upload, and redact unrelated sensitive information where possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Intent-Code Divergence

Severity: Medium
Confidence: 98%
Finding
The feedback flow claims to mitigate shell injection by using a temporary file, but then immediately re-inserts the file contents into the shell via command substitution: `tamar feedback "$(cat /tmp/feedback.txt)"`. If the feedback contains shell metacharacters or command-substitution syntax, this pattern can still lead to unsafe command construction depending on how the command is executed by the agent. In this skill's context, the input is fully user-controlled text, so the mismatch between the safety guidance and the example makes accidental exploitation more likely.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The README instructs users to upload resumes and job descriptions/URLs to a third-party service, which likely involves sensitive personal and employment data, but it does not clearly warn about privacy, retention, or external transmission implications. Because resumes commonly contain PII and confidential work history, users may disclose sensitive data without informed consent or understanding of where it is sent.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill directs the agent to upload resumes and process job descriptions through an external API, but it does not require an explicit user-facing notice that personal documents and potentially sensitive employment data will leave the local environment. This creates a privacy and consent risk: users may not realize their resume contents, work history, contact details, or confidential job materials are being transferred to a third-party service.

Vague Triggers

Severity: Medium
Confidence: 87%
Finding
The trigger phrases are broad enough to match ordinary career-assistance requests, which can cause the skill to activate when the user did not specifically intend to invoke an external resume-tailoring workflow. Unintended activation matters here because the skill can upload resumes and send job descriptions to a third-party API, increasing the chance of inadvertent data transfer or unnecessary command execution.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill routes resumes and job descriptions to an external AI API, but it does not instruct the agent to warn the user that potentially sensitive personal and employment data will leave the local environment. Because resumes often contain PII, employment history, and contact details, the absence of an explicit privacy notice undermines informed consent and increases data exposure risk.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding
The skill tells the user to run `tamar auth --key <their-key>` but provides no caution about protecting the API key from shell history, logs, screenshots, or accidental sharing with the agent. While this is not direct code execution, poor credential-handling guidance can lead to credential leakage and unauthorized API use.

VirusTotal

50/50 vendors flagged this skill as clean.