Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

HireMe Pro

v1.0.3

Job hunting is stressful enough without paying $24/month just to format a resume. HireMe Pro builds beautiful, ATS-friendly PDF resumes from your experience,...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious (view report)
OpenClaw: Benign (high confidence)
Purpose & Capability
The skill's name/description (resume builder, cover letters, interview prep, PDF export) matches the included files and the single script. The presence of a dashboard-kit and deployment spec (Vercel/Supabase, env var names listed) is optional companion material — it does not appear to be required for the core skill, but it introduces an alternate, networked deployment path that users should be aware of.
Instruction Scope
SKILL.md instructions limit actions to parsing user-provided resume/job text, writing structured JSON under the skill's data directory, and generating local PDFs. It explicitly treats pasted content as untrusted and documents prompt-injection defenses. The included SETUP-PROMPT asks the agent to copy files into a skills/ path and create data directories — this is expected for installation and confined to the skill workspace.
Install Mechanism
No install spec in the registry; the only runtime dependency is Playwright (documented). The only executable artifact is scripts/generate-resume-pdf.sh. No remote download or archive extraction occurs in the package. Playwright is a standard dependency and the script blocks network access during rendering.
Credentials
The skill does not require environment variables or credentials for its local operation. The dashboard-kit and README mention Supabase and environment variables (NEXT_PUBLIC_SUPABASE_URL, ANON_KEY, SUPABASE_SERVICE_ROLE_KEY) for an optional web dashboard — these are not required for the agent's local resume workflow but are documented for deploying the web companion. Users should not supply cloud keys unless they intend to deploy the dashboard.
Persistence & Privilege
The skill's always flag is false, and the skill does not request elevated or persistent platform privileges. It creates and uses a local data/ directory under the skill workspace; the setup prompt instructs file creation and permission tightening (chmod 700/600), which is normal for local data storage.
Scan Findings in Context
[ignore-previous-instructions] expected: The SKILL.md and SECURITY.md intentionally include examples of prompt-injection phrases (e.g., 'Ignore previous instructions') as part of defensive guidance. The static scanner flagged these artifacts; their presence is defensive rather than malicious.
[you-are-now] expected: Similar to the previous finding: the SKILL.md shows adversarial instruction examples and explicit instructions to ignore them. This is expected for a skill that documents prompt-injection defenses.
Assessment
What to know before installing:
- Core behavior: HireMe Pro appears to run locally. It parses pasted text or uploaded resumes into a local JSON file (data/resume-data.json) and uses Playwright to render HTML templates to PDF. The included shell script enforces that input/output paths stay inside the skill directory and blocks outbound network requests when rendering.
- Playwright is required: you'll need Python + Playwright (pip3 install playwright && playwright install chromium) for PDF generation. Installing Playwright downloads Chromium; note that this network activity happens during the Playwright install, not during resume rendering.
- Dashboard is optional: the repository contains a dashboard-kit and deployment docs for a web app (Vercel + Supabase) which requires cloud env vars/keys. You do not need to provide these keys for the local agent skill to work; only enable them if you plan to deploy the companion web service.
- PII storage: resume data is stored locally under the skill's data/ directory. The package recommends chmod 600/700 for files and directories, but if your device syncs backups (iCloud, Dropbox, Google Drive) the data directory may be uploaded; exclude it from sync if you want purely local storage.
- Setup prompts and copy commands: the SETUP-PROMPT instructs copying files into skills/hireme-pro/ and changing permissions. Running those commands will modify files on the host. Review the copy and chmod commands and ensure you run them in a trusted workspace (they do not request network access or credentials).
- Prompt-injection: the skill explicitly defends against prompt-injection and the scanner flagged example strings; those are benign here because they are part of the defense guidance.
- If cautious: inspect scripts/generate-resume-pdf.sh and the templates yourself (they are small and readable), run the tool in a restricted/sandboxed environment first, and do not provide cloud secrets unless you intentionally deploy the dashboard.
Overall: the package is coherent with its stated purpose and does not request unexplained credentials or global privileges. The main operational risk is typical handling of PII on your machine and whether you choose to deploy the optional cloud dashboard (which would require cloud keys).
Static Analysis Findings
- SECURITY.md:62: Prompt-injection style instruction pattern detected.
- SKILL.md:20: Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.


latest: vk9738kzphg4mcr9f40q26f79kn83z3qc

