Career Future Mirror

Security checks across malware telemetry and agentic risk

Overview

This career-planning skill is mostly aligned with its purpose, but it asks for sensitive personal career details and silently saves conversation logs locally without clear user consent.

Install only if you are comfortable with career background, resume-like details, income goals, and future-self dialogue being saved locally. Before use, remove contact details, addresses, IDs, employer-confidential information, and anything you do not want retained; review or delete output/data/conversation_log.json after generating the letter.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Severity: Medium
Confidence: 95%
Finding:
The skill metadata advertises trigger keywords such as '职业规划' and '职业困惑' that are broad enough to match ordinary conversation, increasing the chance the skill activates unexpectedly. Because the workflow then solicits extensive personal background and writes outputs to local files, accidental activation can pull users into unnecessary data collection and persistence.

Vague Triggers

Severity: Medium
Confidence: 96%
Finding:
The phase-one trigger condition is defined as any expression of career planning, transition, or confusion, which is highly ambiguous and likely to overlap with normal advisory chat. In this context, that matters because activation leads to structured collection of sensitive education, employment, income, and preference data.

Missing User Warnings

Severity: High
Confidence: 98%
Finding:
The output section states that reports and conversation artifacts will be saved to local files, but the skill does not present a clear user-facing warning or obtain consent for storing sensitive career data. This creates a privacy risk because users may disclose resumes, work history, salary expectations, and personal concerns without realizing they will be retained on disk.

Missing User Warnings

Severity: High
Confidence: 99%
Finding:
The skill explicitly instructs the agent to 'silently' append conversation data to a JSON log, which bypasses user awareness and consent. Hidden logging of free-form dialogue is especially risky here because career discussions can contain resumes, employment history, salary goals, anxieties, and other sensitive personal information.

Ssd 3

Severity: Medium
Confidence: 98%
Finding:
This section combines role-play dialogue with persistent storage and later reuse to generate a 'future letter,' creating a full pipeline for retaining and transforming sensitive user disclosures. The risk is amplified because the logging is designed to be silent, making leakage, over-retention, and unintended secondary use of personal data more likely.

Ssd 3

Severity: Medium
Confidence: 94%
Finding:
The skill encourages users to submit full resumes or detailed background descriptions and promises automatic parsing, which promotes over-collection of personal data beyond what is necessary for lightweight career advice. In combination with later report generation and conversation logging, this increases the chance that sensitive identity, education, employment, and compensation details are unnecessarily stored and propagated.

VirusTotal

64/64 vendors flagged this skill as clean.
