Back to skill

Security audit

Jobs Hunter Claw

Security checks across malware telemetry and agentic risk

Overview

This job-tracking skill is mostly purpose-aligned, but it gives agents broad unattended access patterns and contains unsafe command construction that users should review before installing.

Review and patch job-tracker.sh before letting an agent ingest untrusted email or job-board text. Do not enable the cron examples until you restrict mail/calendar scope, use a private channel, define redaction rules, and confirm what data may be written to Google Sheets. Keep the spreadsheet private and back it up before using delete or --force operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The cron documentation tells the agent to scan email and calendar even though the skill only documents Google Sheets access via gog and does not establish constrained permissions or dedicated tooling for mailbox/calendar access. This creates a scope-expansion risk where an agent may use whatever ambient credentials or tools are available to access unrelated personal data, violating least privilege and increasing the chance of unintended data exposure.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The delete implementation clears range A:P for the target row, which includes column P even though comments say logs are preserved and P is described elsewhere as a formula-driven log summary. This does not delete the separate Activity Log tab, but it does remove the per-row formula/summary and creates a mismatch between documented behavior and actual destructive behavior, increasing the risk of unintended data loss.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README advertises periodic email scans and Google Sheets access, which implies collection, processing, and external storage of potentially sensitive job-search data, but it does not warn users about privacy implications, required consent, or possible data exposure. In an automation skill that may run unattended via cron, omission of these disclosures increases the risk that users enable invasive behavior without understanding what data is accessed, retained, or synchronized.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.