LinkedCareer
PassAudited by ClawScan on May 1, 2026.
Overview
LinkedCareer is a coherent local career and resume tool; users should mainly notice that it stores personal career data locally, imports user-selected files, and uses a disclosed npm dependency during setup.
This appears suitable for its stated purpose if you want a local career-profile and resume tool. Before installing, be aware that it will keep personal career records on disk, can import files you point it at, writes resume outputs locally, and may need npm access during setup to install the docx dependency.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your name, phone, email, education, work history, and achievements may be stored persistently on the local machine.
The skill intentionally saves the user's career profile and readable career records for later resume and job-matching use.
this.jsonPath = path.join(dataDir, 'career_data.json'); this.mdPath = path.join(dataDir, 'career_records.md'); await fs.writeFile(this.jsonPath, JSON.stringify(data, null, 2), 'utf8'); await this.generateMarkdown(data)
Only enter information you are comfortable storing locally, protect the workspace directory, and delete the LinkedCareer user_data folder if you no longer want the profile retained.
If invoked with the wrong path, the skill could read an unintended local text file or write resume output into the current working directory.
The import command reads a user-provided file path, and the resume command writes generated output files. This is expected for resume import/export but gives the skill local file read/write capability.
const content = require('fs').readFileSync(filePath, 'utf8') ... require('fs').writeFileSync(outputPath, generatedResume, 'utf8')Confirm file paths before using import, and run resume generation from a directory where you are comfortable creating output files.
Installation may download third-party code from npm even though the skill claims no runtime network requests.
The skill discloses a networked npm installation step for its document-generation dependency. This is normal for a Node-based resume generator but depends on npm package provenance.
install: npm install --production ... Installation: Requires network to download docx from npm
Install from the expected package source, keep the pinned dependency version, and review npm dependency provenance if your environment has strict supply-chain requirements.