CV Skill

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward resume and cover-letter generator that uses local files and optional PDF export as disclosed, with no evidence of hidden data collection or destructive behavior.

Install only if you are comfortable letting the skill process resume data from files you provide and create local DOCX/PDF outputs. Review the candidate JSON before use, keep generated outputs in an intended folder, approve pip installation only when needed, and use optional PDF export only in an environment where LibreOffice document conversion is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill instructs the agent to read local files and execute shell commands (`python3 ...`, optional `pip install`, and PDF export via LibreOffice), but the skill metadata shown in this file does not declare corresponding permissions. This creates a capability/permission mismatch that can bypass operator expectations and increase the chance that an agent performs filesystem access or command execution without explicit approval boundaries.

Context-Inappropriate Capability

Medium
Confidence: 78%
Finding: Exporting untrusted, user-influenced DOCX content through an external office suite increases attack surface because document parsers have a long history of memory-corruption and file-processing vulnerabilities. In this skill context, the script generates documents from user JSON and then hands them to LibreOffice, so a maliciously crafted input or environment could trigger risky parsing behavior in a powerful desktop-class binary.

VirusTotal

61/61 vendors flagged this skill as clean.
