Skill v1.0.0
ClawScan security
Job Hunt Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 23, 2026, 4:26 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, required permissions, and runtime instructions are coherent with a local job-application tracker: it only needs local read/write access and creates/uses JSON files under ~/.openclaw/job-hunt-tracker.
- Guidance: This skill appears to do what it says: store and manage job-hunt data locally in ~/.openclaw/job-hunt-tracker. Before installing, consider: (1) the data will be stored in plaintext JSON — do not put highly sensitive credentials or PII there unless you accept plaintext storage; (2) confirm your OpenClaw platform honors the 'no network' promise and/or restricts the read/write capability to the indicated directory; (3) think about backups and how to securely delete the folder if you uninstall; (4) review future updates for changes that might request broader permissions. If you want stronger privacy, ask the skill author to add optional encryption or require explicit consent before exporting/sharing any data.
Review Dimensions
- Purpose & Capability (ok): Name/description match functionality: tracking applications, offers, follow-ups, and stats. Declared requirements (none besides read/write tooling in metadata) align with a purely local data store and no external integrations.
- Instruction Scope (note): SKILL.md only instructs creating a data directory (~/.openclaw/job-hunt-tracker) and reading/writing JSON files there. That stays within expected scope. Note: data is stored as plaintext JSON (settings, applications, offers, follow_ups), which may include sensitive items (salary expectations, notes). The skill promises 'no network calls' in prose — that is a policy-level assurance, not a technical enforcement built into the instruction file.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files; nothing is downloaded or written beyond the explicit local data files it asks to create.
- Credentials (note): No environment variables, credentials, or external service tokens are requested (appropriate). Metadata requests 'read' and 'write' tools — reasonable for this purpose, but these tools could allow broader filesystem access depending on platform enforcement. The SKILL.md itself only references the job-hunt directory.
- Persistence & Privilege (ok): always is false (not force-included). disable-model-invocation is false (agent may call autonomously) which is normal for skills; nothing suggests excessive persistent privileges or modification of other skills.
