Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Boss直聘AI助理

v1.0.0

Boss直聘 AI assistant: automatically monitors unread messages, replies with AI, sends your resume automatically, and automatically agrees to exchange WeChat. Trigger words: Boss直聘, auto-reply to HR, Boss AI assistant, recruitment automation.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for google696/boss-ai-assistant.

Prompt preview (Install & Setup):
Install the skill "Boss直聘AI助理" (google696/boss-ai-assistant) from ClawHub.
Skill page: https://clawhub.ai/google696/boss-ai-assistant
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI (takes the bare skill slug):

openclaw skills install boss-ai-assistant

ClawHub CLI:

npx clawhub@latest install boss-ai-assistant

Security Scan

VirusTotal: Suspicious (View report →)

OpenClaw: Suspicious (high confidence)

Purpose & Capability

The name and description (Boss直聘 AI 助理) match the script's behavior (auto-monitoring, replies, sending the resume, accepting WeChat exchange). However, the code's default CONFIG points to a third-party IP (http://121.199.76.208) for API and storage, and the code contains embedded API keys and PII. references/config.md suggests self-hosting the server (localhost), but the shipped default uses an external host; this mismatch is unexplained and suspicious.

Instruction Scope

SKILL.md says chat records are stored on a server and points to config.md for backend setup, which implies an optional, self-hosted backend. The actual script POSTs conversation text and metadata to the configured apiBaseUrl (defaulting to the remote IP), so by default it exfiltrates chat content and HR interactions. The user-facing docs do not clearly warn that messages are sent to a remote third party by default.

Install Mechanism

There is no install spec (the skill is a plain userscript), which is the lowest-friction path, but the userscript declares updateURL and downloadURL over plain HTTP to a bare IP (http://121.199.76.208/boss_auto_greet.user.js). Userscript managers fetch updates from these URLs, so the remote host (or anyone able to tamper with the unencrypted HTTP traffic on the path) can push arbitrary code into the installed script with no integrity protection: high risk.

Credentials

The skill does not request platform env vars, but it embeds multiple secrets and personal data in code (apiKey, googleApiKey, a barkUrl token, and a resume with phone and email). Asking users to supply their own AI/API keys is reasonable; shipping with hardcoded keys and defaulting to an external API/storage endpoint is disproportionate and can leak sensitive chat and HR data to a third party.

Persistence & Privilege

always:false and user-invocable:true (expected). However, the userscript auto-runs on the matched site and can auto-update from the remote HTTP URL. Combined with network permissions (GM_xmlhttpRequest and the @connect entries), this gives an ongoing capability for remote code push and data exfiltration, a notable privilege even though 'always' is not set.

What to consider before installing

This script will automatically read and send your Boss直聘 chat contents (and related metadata) to a remote server by default and can auto-update itself from an HTTP IP address. Before installing:

  1. Do not use it on accounts or conversations containing sensitive personal data unless you control the server.
  2. Prefer a version that removes hardcoded API keys/PII and points apiBaseUrl to a server you own (or set apiBaseUrl to localhost).
  3. Remove or change the updateURL/downloadURL to disable remote auto-updates, or ensure it uses HTTPS and a trusted domain with integrity checks.
  4. If you must test it, inspect the server at 121.199.76.208 and verify ownership and backend code, or run the script only after removing the external upload/save calls.
  5. Consider alternatives that do not exfiltrate chat logs to third parties.

If you are unsure who operates the remote host or why keys are embedded, do not install.
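As an added example (not part of the skill, the ClawHub report, or any project code), the JavaScript below checks a Tampermonkey/ScriptCat userscript for the patterns the Install Mechanism, Credentials and Persistence findings describe and that the recommendations above ask you to remove: updateURL/downloadURL over plain HTTP or to a bare IP, @connect entries to bare IPs when GM_xmlhttpRequest is granted, a default apiBaseUrl that is not on localhost, and non-empty string literals assigned to key-like config names. The two sample scripts are constructed for this example from the values the report states (the IP, the file name, the field names apiBaseUrl/apiKey/barkUrl); they are not the skill's real source, and the key values are placeholders.

```javascript
// Added example (not the skill's code): audit a Tampermonkey/ScriptCat
// userscript for the risk patterns the ClawHub scan describes.
// Field names (apiBaseUrl, apiKey, barkUrl) follow the report; the sample
// scripts at the bottom are constructed, not the real skill source.

const META_RE = /\/\/\s*==UserScript==([\s\S]*?)\/\/\s*==\/UserScript==/;
const IPV4_RE = /^(?:\d{1,3}\.){3}\d{1,3}$/;
const LOCAL_HOSTS = new Set(['localhost', '127.0.0.1', '::1', '[::1]']);

// Parse "// @key value" lines of the metadata block into { key: [values] }.
function parseUserscriptMeta(src) {
  const block = META_RE.exec(src);
  if (!block) return null;
  const meta = {};
  for (const line of block[1].split('\n')) {
    const m = /^\s*\/\/\s*@(\S+)\s*(.*?)\s*$/.exec(line);
    if (!m) continue;
    if (!meta[m[1]]) meta[m[1]] = [];
    meta[m[1]].push(m[2]);
  }
  return meta;
}

function hostOf(url) {
  try { return new URL(url).hostname; } catch (e) { return null; }
}

// Returns a list of findings; an empty list means none of the checked
// patterns were hit (it is not a proof that the script is safe).
function auditUserscript(src) {
  const findings = [];
  const meta = parseUserscriptMeta(src);
  if (!meta) return ['no ==UserScript== metadata block found'];

  // 1. Self-update from an unauthenticated channel.
  for (const key of ['updateURL', 'downloadURL']) {
    for (const url of meta[key] || []) {
      const host = hostOf(url);
      if (!url.startsWith('https://')) findings.push(`${key} is not HTTPS: ${url}`);
      if (host && IPV4_RE.test(host)) findings.push(`${key} points at a bare IP: ${host}`);
    }
  }
  // 2. Cross-origin network reach via GM_xmlhttpRequest plus @connect.
  if ((meta.grant || []).includes('GM_xmlhttpRequest')) {
    for (const c of meta.connect || []) {
      if (c === '*') findings.push('@connect allows any host (*)');
      else if (IPV4_RE.test(c)) findings.push(`@connect allows a bare IP: ${c}`);
    }
  }
  // 3. Default API/storage endpoint that is not on the user's own machine.
  const api = /apiBaseUrl\s*:\s*['"]([^'"]+)['"]/.exec(src);
  if (api) {
    const host = hostOf(api[1]);
    if (!host || !LOCAL_HOSTS.has(host)) findings.push(`default apiBaseUrl is remote: ${api[1]}`);
  }
  // 4. Non-empty string literals assigned to secret-looking config names.
  const secretRe = /\b(apiKey|googleApiKey|barkUrl|token|secret)\s*:\s*['"]([^'"]+)['"]/g;
  for (const s of src.matchAll(secretRe)) findings.push(`hard-coded ${s[1]} in CONFIG`);
  return findings;
}

// Constructed sample reproducing the reported pattern (placeholder key values).
const SUSPICIOUS_SAMPLE = `// ==UserScript==
// @name         boss_auto_greet
// @match        https://www.zhipin.com/web/geek/chat*
// @updateURL    http://121.199.76.208/boss_auto_greet.user.js
// @downloadURL  http://121.199.76.208/boss_auto_greet.user.js
// @connect      121.199.76.208
// @grant        GM_xmlhttpRequest
// ==/UserScript==
const CONFIG = {
  apiBaseUrl: 'http://121.199.76.208',
  apiKey: 'PLACEHOLDER-NOT-A-REAL-KEY',
  barkUrl: 'https://bark.example/PLACEHOLDER-TOKEN',
};
`;

// Hardened form of the same header following the recommendations above:
// no remote auto-update, API on localhost, keys left empty for the user.
const HARDENED_SAMPLE = `// ==UserScript==
// @name         boss_auto_greet
// @match        https://www.zhipin.com/web/geek/chat*
// @connect      localhost
// @grant        GM_xmlhttpRequest
// ==/UserScript==
const CONFIG = {
  apiBaseUrl: 'http://localhost:8080',
  apiKey: '',
  barkUrl: '',
};
`;

console.log(auditUserscript(SUSPICIOUS_SAMPLE)); // 8 findings
console.log(auditUserscript(HARDENED_SAMPLE));   // []
```

Run it with node against the downloaded .user.js (read the file and pass its text to auditUserscript) before the script is added to the userscript manager. The checks are deliberately narrow string and metadata matches, so a clean result only means these specific patterns are absent; the recommendation to read the full script and inspect the backend still stands.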


latest: vk979w8x7b6t3es7fafjactrt51835wsk
409 downloads
0 stars
1 version
Updated 1h ago
v1.0.0
MIT-0

Boss直聘AI助理

An AI assistant script that automates handling of Boss直聘 messages.

Features

  • Automatically monitors unread messages
  • AI smart replies (based on your resume information and service domain)
  • Automatically sends your resume (when HR requests it)
  • Automatically agrees to exchange WeChat
  • Automatically agrees to send the resume
  • Company background search (Google)
  • Chat records stored in a server database
  • Bark push notifications

Install

  1. Add the script in ScriptCat or Tampermonkey
  2. Configure your personal information and API key (see references/config.md)
  3. Open the Boss直聘 chat page; the script starts automatically

Usage

On https://www.zhipin.com/web/geek/chat* pages the script automatically:

  1. Shows a control panel (top right)
  2. Starts monitoring unread messages
  3. Replies via AI when a new message arrives
  4. Sends your resume when HR asks for it
  5. Agrees when HR requests a WeChat exchange

Files

  • scripts/boss_ai_assistant.js - main script; copy it into ScriptCat/Tampermonkey
  • references/config.md - configuration notes

Admin backend

  • HR list and chat records: see the admin backend address in config.md
