Security audit

Career Spotlight Finder

Security checks across malware telemetry and agentic risk

Overview

This skill locally analyzes user-selected career materials and saves derived reports, with the main privacy consideration being persistent local storage.

Install only if you are comfortable with the agent reading the specific projects, documents, and URLs you provide and saving derived summaries under ~/.career-spotlight/. Use narrow input paths, avoid folders with secrets or unrelated confidential material, review generated copy before sharing it, and delete ~/.career-spotlight/ when you no longer want the retained profile and history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (11)

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
The guide explicitly authorizes shelling out to local tools like pandoc, python3, git, find, and stat on user-supplied paths and repositories. Even if intended for legitimate document conversion and freshness checks, this expands the skill from passive analysis into local command execution over attacker-controlled inputs, increasing the risk of command injection, unsafe parsing of untrusted files, and unintended disclosure of repository metadata.

Context-Inappropriate Capability

Medium
Confidence: 84%
Finding
The skill instructs persistent storage of per-project analyses, history, and ready-to-use copy under a fixed directory in the user's home folder. This creates durable retention of potentially sensitive career materials, project details, and derived summaries beyond the immediate session, which can expose private data if the machine is shared, compromised, or if users do not fully understand the retention scope.

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The guide explicitly instructs the skill to persist derived analyses to `~/.career-spotlight/analyses/`, creating durable local state outside the immediate task response. Persistent writes expand the skill from transient analysis into filesystem modification and can store sensitive project metadata, paths, and inferred career information without a clear necessity or user-by-user consent boundary.

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The guide directs the agent to enumerate all prior analysis files in `~/.career-spotlight/analyses/*.md` and extract tags from them, which broadens access from the current project to historical user data. This creates a cross-project data aggregation channel that may expose unrelated sensitive information and violates least-privilege expectations for a single-project analysis skill.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill instructs the agent to archive and write files under ~/.career-spotlight/ without an explicit up-front warning or confirmation about filesystem modifications. This can lead to unexpected persistent changes to the user's environment, especially when archiving existing content or generating multiple files from broad source inputs.

Missing User Warnings

Medium
Confidence: 95%
Finding
The guide directs the agent to write files under the user's home directory and to move existing files into a history folder, which modifies persistent user data without any explicit confirmation or safety gate. Even though the intent appears to be normal skill behavior, automatic archival and overwrite workflows can unexpectedly alter or proliferate files, creating integrity and privacy risks if triggered on unintended input or in the wrong environment.

Missing User Warnings

Medium
Confidence: 96%
Finding
The guide instructs the agent to write output directly to ~/.career-spotlight/report.md, which is a local filesystem modification, without requiring prior user consent or even notifying the user that a file will be created or overwritten. In an agent setting, silent writes to user directories are risky because they create persistent side effects outside the conversation and may surprise users or violate least-astonishment expectations.

Missing User Warnings

Medium
Confidence: 98%
Finding
The archive-and-rewrite procedure modifies existing user data by moving the current report into a history directory and replacing it with a new one, again without requiring a warning, confirmation, or user approval. This is dangerous because it performs persistent state changes on local files, can create unintended data retention in history archives, and may overwrite a report the user expected to keep unchanged.

Session Persistence

Medium
Category: Rogue Agent
Content
A six-step pipeline:

```
Init → Analyze → Position → Synthesize → Write Copy → Review
```

1. **Init** — Creates `~/.career-spotlight/` on first run. Reuses it after that.
Confidence: 83%
Finding
Write Copy → Review ``` 1. **Init** — Creates `~/.career-spotlight/` on first run. Reuses it after that. 2. **Analyze** — Reads each project through a lens matched to its type (code repo, paper, docu

Session Persistence

Medium
Category: Rogue Agent
Content
2. Validate and expand sources (auto-detect document collections in directories).
3. Ask the user to set project priorities (`highlight` or `supporting`).
4. Check existing analyses for staleness (via git hash, file mtime, or URL age).
5. Run new analyses per `guides/project-analysis-guide.md`, write to `~/.career-spotlight/analyses/`.

## Step 2 — Position
Confidence: 91%
Finding
write to `~/.career-spotlight/analyses/`. ## Step 2 — Position 1. Read `guides/domain-positioning-guide.md` and follow Sections 2-4. 2. Recommend one expert framing with a distinctiveness thesis. Ke

Session Persistence

Medium
Category: Rogue Agent
Content
### File Creation

After completing the five-dimension extraction for a project, immediately write the analysis to disk. Do not hold multiple analyses in context -- write each one as it is completed.

**File path:** `~/.career-spotlight/analyses/[slugified-name].md`
Confidence: 95%
Finding
write the analysis to disk. Do not hold multiple analyses in context -- write each one as it is completed. **File path:** `~/.career-spotlight

VirusTotal

60/60 vendors flagged this skill as clean.
