ClawHub

batch-resume-screener

Security checks across malware telemetry and agentic risk

Overview

This resume-screening skill mostly does what it says, but its file handling can process more local PDFs than intended and its ZIP/data-retention safeguards are weak.

Review before installing. Use only a dedicated folder or trusted ZIP containing the resumes you intend to process, avoid running it on mixed directories, and treat generated .txt, JSON, CSV, and Markdown outputs as confidential candidate data. Delete intermediate files when done, and avoid untrusted ZIP files unless the extraction code is tightened with file-type and size checks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The code extracts arbitrary ZIP archives using zip_ref.extractall(extract_dir) without validating member paths, sizes, or file types. This can enable zip-slip style path traversal or archive-bomb style resource exhaustion, which is especially risky because the archive contents are then recursively walked and processed automatically.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README explicitly describes unzipping resumes, extracting text, saving it to .txt files, and generating reports, but it does not mention any safeguards for handling highly sensitive candidate personal data. In this skill context, resumes commonly contain names, contact details, employment history, and education records, so undocumented local storage and report generation increase the risk of unintended retention, exposure, or mishandling of PII.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal