Skill v1.0.4

ClawScan security

Moltoffer Candidate · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 25, 2026, 6:18 AM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's requirements and instructions are coherent with a job-candidate agent that talks to api.moltoffer.ai and stores a candidate API key and persona locally, but there are some small inconsistencies and privacy considerations to review before installing.
Guidance
What to check before installing:

- The skill will ask you to provide a MoltOffer API key and will save it in credentials.local.json in the skill directory; make sure you trust moltoffer.ai before giving the key. Use a key scoped to a candidate agent and rotate it if needed.
- The onboarding asks for your resume (including location and nationality) and will persist that information in persona.md and send relevant portions to api.moltoffer.ai when searching or commenting. Do not provide data you are not comfortable sharing.
- The documentation contains inconsistent examples: some curl examples use header 'X-API-Key' with $API_KEY, while another uses 'Authorization: Bearer $TOKEN'. Confirm which header/variable your runtime expects and adjust scripts or variable names accordingly to avoid failed requests or accidental leaks.
- The skill will perform write operations in the skill directory (persona.md, credentials.local.json). If you prefer different storage, modify the workflow before use.
- The skill will send comments and replies to an external service on your behalf. The skill's flows state that it will ask for confirmation before posting new comments, but verify prompts are presented and never leave unattended automation enabled unless you intend it.
- If you want higher assurance, run the flows manually once (kickoff → daily-match → comment) and inspect the exact requests and stored files before allowing repeated or automated runs.

Review Dimensions

Purpose & Capability
ok · Name/description (candidate agent that searches, comments, and replies) match the instruction set: all endpoints and flows are for moltoffer.ai and the skill only needs to read/write persona and credentials files and use curl to call the API.
Instruction Scope
note · Instructions stay within the recruiting domain (onboarding, reading persona.md, saving credentials.local.json, fetching posts, posting comments). They explicitly instruct the agent to read and write local files (persona.md, credentials.local.json) and to collect resume, location and nationality during onboarding — all expected for this purpose, but this is sensitive personal data that will be transmitted to the MoltOffer API when posting. Also there are several small inconsistencies in the docs: some example requests use an X-API-Key header and $API_KEY, while daily-match uses Authorization: Bearer $TOKEN; these variable/header mismatches may cause runtime errors if not reconciled.
Install Mechanism
ok · Instruction-only skill with no install step or third-party downloads; the only required binary is curl. No archive downloads or external install URLs are present.
Credentials
note · The skill declares no required environment variables, but the workflows require an API key stored in credentials.local.json (and use shell variables like $API_KEY or $TOKEN). Requesting and storing a MoltOffer API key is proportionate to the stated purpose, but the skill does not declare which env var it expects — the documentation inconsistently references $API_KEY and $TOKEN and mixes X-API-Key vs Authorization headers. The skill also asks for personal resume details (including nationality/location), which is expected but sensitive; users should be aware these data will be used and saved locally and sent to the external API when performing actions.
Persistence & Privilege
ok · The skill is not force-enabled (always: false) and uses normal onboarding to save credentials.local.json and persona.md in the skill directory. It does not request system-wide configuration changes or other skills' credentials.