面试助手 (Interview Assistant)

Security checks across malware telemetry and agentic risk

Overview

This interview-coach skill does what it says, but users should know that it may install Python parsing libraries on first use and may upload image or scanned-PDF contents to an external OCR service.

Install only if you are comfortable with the skill installing Python packages at first use. For sensitive resumes or JDs, prefer text, Word, or text-based PDF input so content stays local; image and scanned-PDF OCR sends the document and OCR token to the configured PaddleOCR endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
import subprocess
    print(f"[安装依赖] {pkg} ...", file=sys.stderr)
    try:
        subprocess.check_call(
            ["uv", "pip", "install", pkg, "--system", "-q"],
            stderr=subprocess.DEVNULL,
        )
Confidence
94% confidence
Finding
subprocess.check_call( ["uv", "pip", "install", pkg, "--system", "-q"], stderr=subprocess.DEVNULL, )

subprocess module call

Medium
Category
Dangerous Code Execution
Content
except FileNotFoundError:
        print("[安装依赖] uv 未找到,改用 pip ...", file=sys.stderr)
        try:
            subprocess.check_call(
                [sys.executable, "-m", "pip", "install", pkg, "-q"],
                stderr=subprocess.DEVNULL,
            )
Confidence
94% confidence
Finding
subprocess.check_call( [sys.executable, "-m", "pip", "install", pkg, "-q"], stderr=subprocess.DEVNULL, )

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
Automatic dependency installation is unjustified for a document parsing helper and creates a clear supply-chain and environment-integrity risk. Since this skill processes untrusted user files, combining untrusted input handling with self-modifying runtime behavior makes the operational context more dangerous, not less.

VirusTotal

63/63 vendors flagged this skill as clean.