ClawHub

Resume Create

Security checks across malware telemetry and agentic risk

Overview

This resume skill does what it says, but users should be careful because generated resume HTML does not sanitize user-provided content.

Install only if you are comfortable processing resume files and personal contact details in this workflow. Use trusted resume content and links, because the HTML preview/export template does not escape fields or validate project URLs; avoid feeding it third-party HTML or suspicious links unless sanitized first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The template injects resume fields directly into HTML via template literals and assigns the result to innerHTML, including text content, list items, and href attributes. Because resume content can come from users or existing resumes, an attacker can supply HTML, script gadgets, event handlers, or javascript: URLs that execute when the resume is viewed or exported, turning a document-generation skill into an active-content execution surface.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description is broad enough to match common resume-related phrasing such as creating, editing, optimizing, or exporting resumes, which can cause the skill to activate in situations where the user did not clearly intend file access, web lookup, or document generation. Because the skill can read user files, perform network searches, and write HTML/PDF artifacts, accidental invocation increases the chance of unintended data handling and privacy exposure.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This section instructs the agent to read potentially sensitive resume files, search the web using user-derived job targets, and save generated HTML/PDF files to disk, but it does not require explicit informed consent, disclose what data leaves the local context, or warn about persistent storage paths. Resumes commonly contain personal data such as name, phone, email, education, and work history, so silent file ingestion, external querying, and local persistence materially raise privacy and data-handling risks.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal