ClawHub

linkedin-search

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it asks users to copy sensitive Chrome profile data and persist LinkedIn candidate data with limited safeguards.

Review before installing. Use a dedicated temporary Chrome profile instead of copying your main browser profile, log in manually only for the session you intend to use, close the debug browser afterward, and delete saved candidate files when no longer needed. Only use this where you are authorized to process LinkedIn candidate information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The skill instructs copying Chrome profile artifacts including session-bearing data into a separate directory and then launching Chrome against that copied profile. This exceeds what is necessary for candidate search and materially increases the risk of credential/session theft, unintended persistence of sensitive browser data, and reuse of authenticated state outside the user's normal browser context.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill is designed to automatically save LinkedIn profile URLs and extracted profile content to local storage without an explicit upfront notice, consent checkpoint, or data-minimization guidance. Because the data concerns identifiable individuals, silent bulk retention increases privacy, compliance, and accidental disclosure risk.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The skill auto-creates local directories and persists extracted profile content without a clear, contemporaneous warning about filesystem writes. Although less severe than credential handling, this still creates privacy and operational risk by writing potentially sensitive third-party data to disk by default.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal