ClawHub

AI-Interview-Coach

Security checks across malware telemetry and agentic risk

Overview

This is a coherent interview-coaching skill, but users should know it can read resumes they provide and save local practice history.

Install only if you are comfortable with resume-based coaching and local interview-history tracking. Use explicit interview-prep commands, avoid providing highly sensitive resume details unless needed, and review or delete ~/.ai-interview-coach/history.json if you do not want practice records retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (15)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill introduces interview history retention and local persistence in later sections, but this behavior is not disclosed in the manifest-level description where users and orchestrators would expect to learn about data handling. That mismatch can cause silent collection and retention of resume-derived and interview-performance data without informed user consent.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill directs automatic saving of interview history to a home-directory file containing session metadata, scores, weaknesses, and potentially resume-derived content. Persisting this locally is risky because it expands the data footprint beyond what is necessary for generating interview questions and may expose sensitive personal or career information to other local processes or users.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger examples include broad natural-language phrases that users could plausibly say in ordinary conversation, increasing the chance the skill activates unintentionally. In a skill ecosystem, ambiguous activation can cause prompt hijacking of user intent, unnecessary context capture, or unexpected behavior when another task was intended.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The recommended starter prompt is very broad and can encourage activation from loosely related requests without clearly scoping when the skill should engage. This raises the risk of over-triggering and makes routing less predictable, especially in multi-skill environments.

Vague Triggers

Medium
Confidence
89% confidence
Finding
Several command examples are short conversational phrases like asking whether one can interview now or requesting a plan, which may overlap with normal assistant usage. This can cause accidental invocation and unintended handling of user inputs under the skill's specialized logic.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README states that practice history is automatically saved, but it does not disclose retention limits, storage location, consent flow, or how users can delete their data. Because interview practice may contain resumes, career history, and self-assessments, silent retention creates privacy and compliance risk.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger list includes broad phrases like interview-related keywords that may match ordinary conversation and activate the skill unexpectedly. Unintended activation becomes more concerning here because the skill may then request or process resumes and store history, increasing the chance of unnecessary personal-data handling.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The quick-start guidance relies on permissive natural-language examples and automatic inference, which can cause the skill to proceed without confirming the user's exact goal, difficulty, or data source. In this context, accidental activation can lead to resume analysis or persistence behavior being invoked when the user only mentioned interview topics casually.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs reading PDF, DOCX, and Markdown resumes and extracting personal and professional details, but it does not warn users that resumes commonly contain sensitive personal data. Without a privacy notice or minimization guidance, the skill may over-collect or over-process information not required for question generation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The history-tracking section describes retaining cross-session interview data and generating trend analyses, but it does not provide an upfront user warning that this information will persist. Because the stored data can reveal job-search activity, skill gaps, and progress over time, undisclosed persistence creates a meaningful privacy risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill documents auto-saving history to a local file without a clear user-facing warning, meaning users may unknowingly create persistent records of interviews, scores, and recommendations. Silent auto-save is especially risky because resumes and mock-interview transcripts can contain sensitive personal and professional information.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The invocation triggers and examples are broad enough to overlap with ordinary conversational phrases, which can cause the skill to activate when the user did not explicitly request interview coaching. In an agent environment, unintended activation can route unrelated user content into this skill's logic, increasing the chance of unnecessary file access, retention, or generation based on sensitive context.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The examples normalize reading resume files and saving outputs without clearly requiring informed user consent, scope limitation, or warning that resumes and interview transcripts may contain sensitive personal data. This creates a privacy risk because users may not understand that personal identifiers, employment history, and self-assessment content are being accessed, stored, or reproduced.

Ssd 3

Medium
Confidence
96% confidence
Finding
The skill instructs retention of detailed cross-session interview data, including scores, weaknesses, recommendations, and saved file paths, without minimization or sensitivity boundaries. This creates an unnecessary profile of the user's job search and capabilities that could be exposed locally or misused if the storage location is accessed.

Ssd 3

Medium
Confidence
93% confidence
Finding
The history, save, and progress-report flows encourage retention and re-display of prior answers, performance data, and interview records, which may include sensitive professional history, weaknesses, and other personal content. Without clear minimization, access controls, retention limits, or consent boundaries, this accumulated data can be exposed to the wrong context or over-shared back to the user or other components.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal