ClawHub

Ai Job Advisor

Security checks across malware telemetry and agentic risk

Overview

This job-advisor skill is mostly coherent, but it automatically stores sensitive job-search details and can reuse a local historical record without clear per-session consent.

Review this skill carefully before installing. Use it only in a workspace where you are comfortable storing resumes, salary goals, employer names, screenshots, and job-progress history. Avoid allowing it to read prior local records or auto-save details unless you explicitly want persistent job-search memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The skill explicitly instructs consulting a specific local Downloads-path record to fill in missing company names that the user did not provide in the current interaction. This is an unjustified cross-context read of local data and can leak prior sensitive job-search history into a new session without the user's knowledge or consent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill mandates immediate automatic updates to local memory files after users provide job descriptions or progress updates, but it does not clearly warn users up front that their job-search data will be persistently stored. Users may reveal sensitive employment information believing it is ephemeral, when the skill is designed to retain it long-term.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill requests resumes, contact details, salary expectations, location, and headshot photos, all of which are sensitive personal and professional data. It does so without clearly disclosing storage, retention, sharing boundaries, or file-handling risks, which increases the chance of overcollection and unexpected exposure.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill requires automatic long-term recording of job descriptions and progress details whenever the user provides new information, without a per-item consent step. Because job-search data often includes employer names, compensation, timelines, and career intentions, this persistent capture meaningfully raises privacy and profiling risk.

Ssd 3

High
Confidence
98% confidence
Finding
The skill directs extraction of all key information from conversations into persistent Markdown records, including sensitive personal, employment, and job-search details. Broad, automatic archival of conversational content creates unnecessary retention of sensitive data and expands the blast radius if local files are later accessed by another tool, user, or process.

Ssd 3

Medium
Confidence
95% confidence
Finding
The skill defines standing local files that preserve complete job descriptions and ongoing progress records as a fixed memory store. Even if intended for convenience, keeping comprehensive job-search dossiers indefinitely increases privacy exposure and can reveal plans, compensation targets, and employer relationships if the local directory is accessed or synced elsewhere.

Ssd 3

High
Confidence
99% confidence
Finding
The instruction to consult historical local records to fill in company information not explicitly provided by the user authorizes the model to pull sensitive context from prior data sources without current-session consent. This can cause privacy leakage, inaccurate attribution, and unwanted mixing of separate applications or employers.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal