ClawHub

Workable

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Workable recruiting integration, but it can change candidate records and its scope is described too broadly for the sensitivity of hiring data.

Install only if you intend to let Membrane access your Workable account. Use a least-privileged Workable account where possible, review each discovered or generated action before running it, and require explicit approval before candidate create, update, move, tag, comment, disqualify, or revert-disqualification actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The manifest describes a broad Workable integration covering Persons, Organizations, Deals, Leads, Projects, and Users, but the body documents an ATS-focused integration centered on jobs, candidates, requisitions, and hiring actions. This mismatch can mislead an agent or user about the scope of data and operations available, increasing the risk of inappropriate use, unsafe assumptions, or execution of hiring-related actions under a generic CRM framing.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The description contradicts the rest of the skill by claiming support for generic business objects while the detailed documentation is limited to hiring workflows. Contradictory scope descriptions are dangerous because agents may select this skill for the wrong task and then invoke sensitive recruiting actions on candidate records based on an inaccurate understanding of what the skill does.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill advertises state-changing actions such as disqualifying candidates, moving them through stages, tagging profiles, and updating records without any warning that these operations alter hiring records and may materially affect applicants. In an ATS context, silent presentation of these actions is more dangerous because accidental or automated use can change employment-related records and decisions with operational and compliance consequences.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal