ClawHub

麻麻cli

Security checks across malware telemetry and agentic risk

Overview

This recruitment automation skill is clearly about hiring workflows, but it can use a logged-in account to message candidates, handle resumes, download files, and export reports without enough explicit approval boundaries.

Install only if you are comfortable letting the agent operate your logged-in BOSS Zhipin account for recruiting. Before use, set explicit limits for candidate counts, require approval before sending messages or requesting/receiving/downloading resumes, confirm the Feishu destination and permissions, and define how downloaded resumes and reports should be deleted or retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill automates screening, reading messages, accepting resumes, downloading resume files, and importing reports into Feishu, but it does not clearly warn the user that it will handle and export sensitive candidate personal data. That omission increases the risk of unauthorized processing, privacy noncompliance, and accidental disclosure when an operator triggers the skill without understanding the data movement.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The workflow explicitly includes resume acceptance and download but does not warn that local files may be created or stored during execution. Because resumes commonly contain highly sensitive personal information, silent file creation can expose data to unauthorized local users, backups, sync tools, or downstream systems without the user's informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal