ClawHub

HiHired Resume

Security checks across malware telemetry and agentic risk

Overview

This resume helper is mostly coherent, but it can send sensitive resume and job data to an unencrypted raw backend IP without clear user consent.

Review carefully before installing. Use chat-only drafting or the public HiHired website if you do not want an agent uploading your resume data. Do not run the API helper on a real resume unless you are comfortable sending that data to HiHired, and prefer a verified HTTPS endpoint with explicit approval before each upload.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The documented behavior expands from a chat copilot/UI handoff skill into direct agent-side API execution against backend services, including parsing resumes and generating content from uploaded data. This materially changes the trust and data-flow model: instead of assisting in chat, the skill can autonomously send sensitive user resume and job data to remote services, increasing privacy and supply-chain risk.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to bypass the normal public domain and call a direct backend IP address specifically to avoid Cloudflare protections blocking non-browser API signatures. Direct-to-IP access circumvents normal front-door controls, weakens provenance and policy enforcement, and makes it harder for users and platform safeguards to validate the destination handling their sensitive documents.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill encourages resume parsing, file upload, job-description handling, and API-backed processing without a user-facing warning that highly sensitive personal and employment data may be transmitted to third-party services. Because resumes commonly contain full names, email, phone, work history, education, and other PII, the missing disclosure and consent step substantially increases privacy and compliance risk.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The file instructs use of multiple resume-processing and generation endpoints that necessarily transmit highly sensitive personal and employment data, but it provides no corresponding privacy, consent, or data-handling warning. In a resume-copilot skill, this omission is meaningful because users may assume local or first-party-only processing when their resume contents and job descriptions are actually being sent to backend services.

Missing User Warnings

High
Confidence
96% confidence
Finding
The guidance to prefer direct backend calls to a raw IP address for agent-side execution bypasses the normal user-facing domain and provides no warning that sensitive resume data may be sent to a nonstandard backend host. This increases privacy, trust, and security risk because users may not expect their personal data to be transmitted to an infrastructure endpoint outside the visible site flow, and such patterns can weaken domain-based safeguards, transparency, and auditing.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script uploads the full contents of a local resume file to a remote HTTP endpoint via multipart POST, but provides no user-facing disclosure, consent prompt, or data-minimization control. Because resumes commonly contain PII such as full name, email, phone number, employment history, and addresses, silent transmission to a third-party service creates a meaningful privacy and compliance risk, especially since the default base URL uses plain HTTP to a raw IP address rather than HTTPS.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
These commands send structured resume data, job descriptions, and related application content to multiple remote API endpoints without any explicit warning that sensitive personal and employment information is leaving the local environment. In this skill context, that is especially risky because users are likely to submit highly sensitive career data, and the code again defaults to an unsecured HTTP service, increasing interception and unauthorized disclosure risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal