Resume Optimizer

Security checks across malware telemetry and agentic risk

Overview

This resume skill is mostly coherent, but its PDF script can automatically install an external Python package into the user's environment during normal use.

Review before installing. The resume features are aligned with the stated purpose, but run the PDF export only in a virtual environment or sandbox, or after installing ReportLab through your normal trusted dependency process. Be careful about the personal information included in generated resumes and check the output file before sharing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

subprocess module call

Severity: Medium
Category: Dangerous Code Execution
Content:
except ImportError:
    print("Installing reportlab...")
    import subprocess
    subprocess.check_call(['pip', 'install', 'reportlab', '--break-system-packages', '-q'])
    from reportlab.lib.pagesizes import letter
    from reportlab.lib.units import inch
    from reportlab.lib.styles import getSampleStyleSheet, ParagraphStyle
Confidence: 98%
Finding:
subprocess.check_call(['pip', 'install', 'reportlab', '--break-system-packages', '-q'])

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding:
A resume PDF generator should only transform input data into a document, but this code also installs software on the executing machine when an import fails. That expands the trust boundary from local formatting logic to remote package retrieval and arbitrary code execution during package installation, which is unjustified for the skill's stated purpose.

Description-Behavior Mismatch

Severity: High
Confidence: 97%
Finding:
The file presents itself as a PDF-generation utility, but it contains hidden environment-modifying behavior that installs software. This mismatch is dangerous because operators may approve or run the script expecting pure document generation, while it actually changes the system and may execute unreviewed package installation steps.

Intent-Code Divergence

Severity: Medium
Confidence: 95%
Finding:
The documentation implies a straightforward input-to-PDF conversion tool, but the implementation also alters the environment by installing dependencies. This discrepancy reduces transparency and can bypass reviewer expectations, making the script riskier in agent or automation contexts where such side effects may run unattended.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
The skill requires saving resume PDFs containing highly sensitive personal data to a user-accessible output directory and instructs generating downloadable links, but it provides no privacy notice, overwrite protection, or filename-collision safeguards. This can expose personally identifiable information through predictable filenames, accidental sharing, or replacement of an existing user's document in shared or persistent storage contexts.

VirusTotal

64/64 vendors flagged this skill as clean.
