BDJobs Job Apply

Security checks across malware telemetry and agentic risk

Overview

This BDJobs automation is purpose-aligned, but it needs Review because it stores passwords, session tokens, and resume data locally while also being able to make live account changes.

Install only if you are comfortable giving this skill your BDJobs password, resume, and reusable session tokens, and understand it can apply to jobs, cancel applications, and update salary expectations on your account. Treat the data folder and command output as sensitive, delete stored credentials/tokens when no longer needed, and require explicit confirmation before any apply, undo, or salary-update action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (15)

Context-Inappropriate Capability

Medium (96% confidence)

The script loads the user's local resume and attaches the full resume text to every returned job object, even though this file's stated role is job search and inspection. That unnecessarily expands the data exposed to downstream components, logs, or LLM context, creating a clear privacy and data-minimization failure that could leak sensitive personal information.

Missing User Warnings

Medium (94% confidence)

The skill explicitly instructs collection and storage of BDJobs usernames, passwords, resume contents, and later auth artifacts in local files, but does not warn the user about sensitive-data handling, retention, or exposure risk. In a skill that automates account access and job applications, this omission is dangerous because users may disclose credentials and personal data without informed consent or understanding of how long the data persists.

Missing User Warnings

Medium (91% confidence)

The skill automates external actions on a live BDJobs account, including applying to jobs, undoing applications, and updating salary expectations, yet it does not clearly warn the user that these actions will modify their real profile and application state. This increases the chance of unintended account changes, reputational harm, or accidental submissions because the user may not realize the consequences of invoking the automation.

Missing User Warnings

Medium (88% confidence)

The skill explicitly references local files containing profile and authentication material (`data/userDetails.json` and `data/loggedInData.json`) without any guidance on secure handling, minimization, access control, or user consent. In a job-application automation context, these files likely contain personal data and active session artifacts, so undocumented storage and use increases the risk of credential theft, privacy leakage, and unintended reuse by other components.

Missing User Warnings

High (95% confidence)

The login flow instructs transmission of username and password to remote endpoints but provides no warning, consent checkpoint, or assurance about safe secret handling. Because this skill automates access to a real user account with application capability, silent credential submission can expose highly sensitive account access and normalize unsafe handling of user passwords.

Missing User Warnings

High (96% confidence)

The instruction to save `token`, `refreshToken`, `encryptId`, and `decodeId` locally creates a persistent authentication cache without any safeguards or retention limits. If these values are exposed through filesystem access, logs, backups, or another skill, an attacker could reuse active session material to search, apply, undo applications, or modify user account state without the user's password.

Missing User Warnings

Medium (89% confidence)

The reference describes actions that change external and local state—undoing applications and removing IDs from `data/appliedJobIds.json`—without any warning about user impact, confirmation requirements, or recovery limitations. In this skill's context, these are consequential account actions that can alter a user's job application history and workflow, making accidental or unauthorized execution materially harmful.

Missing User Warnings

Medium (97% confidence)

This code performs a real external job application submission and persists the result locally without any in-script confirmation, approval gate, or visible warning. In the context of an automation skill that can apply to jobs on a user's behalf, this creates a meaningful risk of unauthorized or unintended applications, which can affect the user's professional reputation and account standing.

Missing User Warnings

Low (84% confidence)

The script silently invokes a subprocess-based login flow whenever local login state is missing or expired, which can trigger credentialed authentication without any user-visible disclosure in this code path. In a skill designed to automate account actions, hidden re-authentication increases the chance of the agent performing sensitive actions under valid credentials without informed user awareness.

Missing User Warnings

Medium (95% confidence)

The script persists authentication material, including `token` and `refreshToken`, to disk in a JSON file under the working directory. If the local filesystem is accessible to other processes, users, logs, backups, or later skill steps, these tokens can be reused to access the BDJobs account without needing the password.

Missing User Warnings

Medium (98% confidence)

This code reads `resume.md` and emits its contents alongside each search result without any indication to the user that sensitive personal data is being propagated. In an agent pipeline, that output may be logged, shown to other tools, or sent onward, turning a simple search action into broad disclosure of private resume data.

Missing User Warnings

Medium (81% confidence)

The script reads `guidId` from local profile files and transmits it to a remote BDJobs-related API to refresh applied job history. While this is plausibly required for functionality, it still involves sending a persistent user identifier off-host without any visible transparency, minimization, or validation of destination trust in this file.

Ssd 3

High (98% confidence)

The skill design centers on persisting highly sensitive data—including resume content, credentials, and authentication/session material—to local files inside the skill directory. This creates a direct exposure path for credential theft, account takeover, and leakage of personal information if the workspace, logs, backups, or adjacent tooling can access those files.

Ssd 3

High (98% confidence)

The onboarding flow asks the user to provide a BDJobs username, password, and resume text in plain language and then saves them for reuse. Collecting secrets and personal documents through conversational input and persisting them locally significantly raises the risk of accidental disclosure through chat history, local file access, backups, or debugging output.

Ssd 3

High (99% confidence)

The login flow instructs the agent to save `token`, `refreshToken`, and multiple user identifiers to `data/loggedInData.json`, which is effectively a reusable session bundle. If exposed, these artifacts may allow unauthorized reuse of the user's authenticated session, enabling account access and potentially job-application actions without needing the original password.

VirusTotal

VirusTotal findings are pending for this skill version.