Skill v1.0.0
ClawScan security
Linkedin Easy Apply Automation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 30, 2026, 8:55 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions are coherent with its stated purpose (automating LinkedIn Easy Apply flows) and do not request unrelated credentials, but it carries sensitive local-file and session risks and the SKILL.md lists environment variables that the registry metadata did not declare.
- Guidance: This skill appears to do what it says, but before using it: (1) understand that it expects a resume PDF path and (optionally) a browser profile directory — providing a profile gives the automation access to your LinkedIn session cookies, so prefer a dedicated profile with only the account you intend to use; (2) the registry metadata did not mark environment variables as required even though SKILL.md documents them — make sure you supply RESUME_PDF, CHROME_PROFILE (or CHROME_BIN), and STATE_DIR as appropriate; (3) run initially in DRY_RUN mode and limit MAX_APPLY to verify behavior; (4) run the automation in a sandbox/VM or with a separate browser profile to avoid exposing other accounts or data; (5) be aware of LinkedIn ToS and account risks (CAPTCHA, throttling, account checks) and that the agent will interact with your live account when the profile/session is available. If you need higher assurance, request the author provide explicit declared env requirements in registry metadata and an install/test script or reviewable code rather than instruction-only guidance.
Review Dimensions
- Purpose & Capability: ok. The instructions (Puppeteer usage, resume upload, persistent browser profile, state/log files, filtered searches) match the stated goal of automating LinkedIn Easy Apply. The example env vars and file paths in SKILL.md (RESUME_PDF, CHROME_PROFILE, STATE_DIR) are relevant to the purpose. Minor inconsistency: registry metadata lists no required env vars while SKILL.md documents several expected environment variables/paths.
- Instruction Scope: ok. SKILL.md stays narrowly focused on searching LinkedIn, opening Easy Apply flows, uploading a resume, answering only verified facts, and logging state. It explicitly warns not to store credentials and to stop for MFA/CAPTCHA. The instructions do direct the agent to read local files (resume PDF, optional browser profile) and to write state/logs to /tmp — these are necessary for the stated task.
- Install Mechanism: ok. This is an instruction-only skill with no install spec or bundled code files, which minimizes install-time risk. It references Puppeteer/Chromium usage (implying Node/npm and a browser) but does not attempt to download or execute remote artifacts itself.
- Credentials: note. No network credentials are requested by the registry, which aligns with the claim of being credential-free. However, SKILL.md expects access to sensitive local resources (resume PDF and a browser user-data directory containing LinkedIn session cookies). Access to a browser profile is proportionate to the task but increases sensitivity because it provides the automation the same session as a logged-in user. The SKILL.md-listed env vars are not declared as required in registry metadata — the user should be aware they must supply these.
- Persistence & Privilege: ok. The skill is not always-enabled and is user-invocable (normal). It writes state/logs to /tmp paths under the skill's own scope and does not request system-wide persistence or modification of other skills.
