ClawHub

Job Lead Radar

v1.0.1

Scrapes and collects job leads from Indeed, ZipRecruiter, ProductionHUB, and LinkedIn on demand or schedule for production and creative roles.

0· 58·0 current·0 all-time
by@gullish42069
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (job lead scraping) matches the included script and SKILL.md. The script fetches public job board pages and extracts titles/companies/links; no unrelated services, credentials, or system resources are requested.
Instruction Scope
SKILL.md instructs running the provided Python script and optionally scheduling it via cron; outputs are written to a local job_leads.json in the skill directory. The instructions do not ask the agent to read arbitrary user files, environment variables, or transmit data to endpoints other than the job boards.
Install Mechanism
There is no install spec (instruction-only). The script depends on a third-party pip package ('scrapling'); the installer is left to the user (pip install scrapling). This is common but you should vet the scrapling package (source, trustworthiness) before installing.
Credentials
No environment variables, credentials, or config paths are requested. The script does not attempt to read secrets or other system config. This is proportionate to a scraper that targets public pages.
Persistence & Privilege
always is false, skill is user-invocable, and it does not modify agent/system-wide settings. It only writes its own job_leads.json file in its script directory.
Assessment
This skill appears to be what it claims: a local scraper that writes job_leads.json. Before installing or running it: (1) review the pip package 'scrapling' (source, recent releases) before pip installing to avoid pulling a malicious package; (2) consider running the script in an isolated environment (virtualenv or sandbox) and inspect network activity if concerned; (3) be aware that scraping sites like Indeed, ZipRecruiter, and LinkedIn may trigger anti-bot protections and may violate those sites' terms of service — use responsibly; (4) the skill writes files to ~/.openclaw/skills/job-lead-radar and logs via cron examples — verify cron entries and log retention meet your privacy policies. If you want higher assurance, request the upstream repository or maintainer information (homepage/source) and verify the scrapling dependency source.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ffgp248z99r6zhryc1626ax84ctwg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments