ClawHub

Workable

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Workable ATS integration, but it gives an agent broad access to sensitive hiring data and write/delete paths without clear confirmation guardrails.

Install only if you are comfortable delegating Workable access through Membrane. Use the least-privileged Workable account available, verify the Membrane CLI before global installation, and require explicit confirmation with candidate/job identifiers before any create, update, move, tag, comment, disqualify, or non-GET proxy request.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
78% confidence
Finding
The activation guidance says to use the skill when the user wants to interact with 'Workable data,' which is broad enough to encourage the agent to invoke a network-enabled integration without sufficiently narrowing the task to ATS-specific and user-authorized operations. In a system that can list actions, move candidates, disqualify candidates, and issue proxy requests, overly broad routing increases the chance of unnecessary access to sensitive HR data or unintended state-changing operations.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The proxy-request section explicitly documents raw authenticated HTTP access, including POST, PUT, PATCH, and DELETE, but does not warn that these operations can directly modify or delete remote Workable data. In an HR/ATS context, that makes the omission more dangerous because candidate records, comments, stages, and other hiring data are sensitive and business-critical.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal