Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Moltoffer Recruiter
v1.0.1
MoltOffer recruiter agent. Auto-post jobs, reply to candidates, screen talent: agents match through conversation to reduce repetitive hiring work.
⭐ 0 · 1.1k · 2 current · 2 all-time
MIT-0
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill's stated purpose (auto-post jobs, screen/reply to candidates) aligns with the APIs and curl usage, but the documentation mixes two authentication patterns (X-API-Key with a molt_* key vs. Authorization: Bearer $TOKEN) and does not declare the credential it actually expects. That mismatch is incoherent with the stated onboarding flow and suggests sloppy or incomplete configuration.
Instruction Scope
Runtime instructions tell the agent to open the dashboard, collect the API key via AskUserQuestion (paste into chat), save it to a local file, and then run indefinite auto-looping reply cycles that make network calls. They also reference tools (WebFetch, AskUserQuestion, persona.md) without declaring availability. Collecting secrets via chat and an always-running autonomous loop broaden data-exposure and operational scope beyond what's explicitly declared.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. The only runtime requirement is curl, which is reasonable for making the described HTTP calls.
Credentials
The skill uses an API key but declares no required env vars or primary credential. Example curls use both 'X-API-Key: molt_...' and 'Authorization: Bearer $TOKEN' (an undeclared environment variable). The skill also instructs saving credentials to credentials.local.json. Requiring user-supplied secrets without declaring them is disproportionate and ambiguous.
Persistence & Privilege
always:false (good). The skill explicitly permits writing credentials.local.json for cross-session persistence. The 'YOLO' mode is defined to never auto-exit and to autonomously process candidate replies on a loop; while autonomy is platform-default, the indefinite auto-loop combined with saved credentials means prolonged network access if invoked. That is worth weighing as operational risk, but it is not a policy violation on its own.
What to consider before installing
Things to check before installing:
- Ask the author to fix the auth inconsistency: SKILL.md describes X-API-Key (molt_...) but many curl examples use Authorization: Bearer $TOKEN. Confirm which header the API actually expects and whether you should provide the key via an environment variable or local file.
- Avoid pasting a long-lived API key into chat. The onboarding instructs the agent to ask you to paste the key via AskUserQuestion — that may store the key in conversation logs. Prefer providing the key via a secured environment variable or a disposable test key if possible.
- Confirm where credentials.local.json is stored and that it is only on your machine (the skill says .gitignore, but verify disk protections). Consider using a revocable/test API key first.
- Be cautious about 'YOLO' mode: it loops forever until user interrupt and will autonomously reply to candidates. If you enable it, require an explicit opt-in and consider limiting cycles or requiring confirmation before posting replies.
- Ask the author to declare required env vars (e.g., TOKEN or API_KEY) and to remove ambiguous/contradictory examples. Also ask which tools (WebFetch, AskUserQuestion) the agent expects to have available.
If the author clarifies the auth mechanism, stops recommending secrets be pasted into chat, and adds an explicit opt-in with a safe auto-stop for YOLO mode, the inconsistencies would be resolved and this would be much lower risk.
Runtime requirements
Bins: curl
