Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Remote Job Hunter
v1.2.0
Automatically find remote jobs every day and match them to your resume. Searches 5 platforms daily, scores each job against your resume using NLP, identifies...
⭐ 0 · 412 · 1 current · 1 all-time
by Rajkiran Veldur (@rajkiranvs)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description (daily multi-platform search, scoring, tailoring, and auto-apply via Playwright) is consistent with the code: search.py, scorer.py, gaps/report, tailor/confirm/apply workflow implement those features. Requiring Playwright, resume parsing, and the ability to submit applications (SMTP/form filling/LinkedIn login) is coherent for an auto-apply job hunter. However the registry metadata lists no required credentials or env vars even though the code expects SMTP and (optionally) LinkedIn credentials via profile/auth storage — this mismatch is a design/documentation omission worth noting.
Instruction Scope
The SKILL.md is minimal and describes auto-applying and WhatsApp confirmation, but it does not clearly declare the need for SMTP credentials or platform login creds. The code will: read user profile JSON (including resume_path and optional credential fields), read/write local files (pending_applications.json, tailored_resumes/, whitelist files), fetch job board APIs over the network, parse/modify resumes (tailoring), and perform browser automation via Playwright that can log into third-party sites and upload resumes. Those actions are within the stated purpose, but the runtime instructions shipped in SKILL.md and registry metadata omit important scopes (where credentials come from and how WhatsApp delivery is implemented). The tailor.py file content was truncated/omitted in the provided bundle, preventing full review of its logic (this gap increases risk).
Install Mechanism
There is no install spec (instruction-only install), which is lower risk; dependencies are listed in requirements.txt (pymupdf and playwright). Playwright requires additional browser binaries at runtime (not documented here). No remote download URLs or extract steps are present in the bundle; code is included locally. The absence of an install script means the operator must manually satisfy dependencies and Playwright browser install steps — this increases operational friction and potential for misconfiguration but is not inherently malicious.
Credentials
Registry metadata declares no required env vars or primary credential, yet the code uses credentials: apply_email expects SMTP host/user/password in the profile (or separate auth store), apply_linkedin expects linkedin_email/linkedin_password, and the README/profile.template reference 'credentials' being stored in an OpenClaw auth-profiles.json. The README also asserts 'No credentials stored in config files' while profile.template warns not to store passwords in the profile — these statements conflict. Because credential handling is essential to auto-apply behavior but not declared in metadata or SKILL.md, there's a proportionality/documentation mismatch that could lead to accidental secret leakage if the user stores creds incorrectly.
Persistence & Privilege
The skill is not marked always:true and does not request system-level persistence. It reads and writes workspace-local files (pending_applications.json, applied_jobs.json, tailored_resumes/ etc.) which is expected for this functionality. The skill does not modify other skills' configurations or global agent settings in the reviewed files.
What to consider before installing
This skill implements a full auto-search + apply pipeline and will need credentials to send applications or log into platforms — but the registry entry/SKILL.md don't clearly declare those needs. Before installing or running:
- Inspect where you will store credentials. The code expects SMTP and optional LinkedIn credentials (profile or an external auth store). Do NOT put passwords in publicly readable files. Use the platform's secure secret store (OpenClaw auth-profiles.json if available) and verify its access controls.
- Review tailor.py (it was omitted/truncated) before running — it modifies/creates tailored resume files. Ensure it doesn't inject sensitive data or call unexpected external endpoints.
- Run initial runs in dry-run mode on an isolated machine or VM. Test with --dry-run and the profile's dry_run=true to verify behavior and outputs (pending_applications.json, whatsapp preview) before enabling any auto-apply actions.
- Be prepared to install Playwright (browsers) and pymupdf manually; Playwright automation can control a browser and will perform form fills and uploads — only provide third-party site credentials if you trust the code and understand where they are stored.
- Confirm how WhatsApp messages are delivered: code writes preview/whatsapp files but does not itself call WhatsApp API — determine whether your agent will send WhatsApp messages and how that is authorized.
If you want to proceed, ask the author for explicit documentation of credential handling and provide the missing tailor.py for full review. If you need help auditing tailor.py or configuring credentials safely, I can walk you through the exact checks to perform.
Like a lobster shell, security has layers — review code before you run it.
latest: vk978h65ecpzkg5e4ng4x0w7wz982ck3m
