ClawHub

Career Ops Assistant

v1.5.3

Operate Career-Ops (santifer/career-ops) end-to-end with safe, command-first workflows. Use for setup, evaluate/scan/pdf/batch/tracker/pipeline/apply/deep/co...

0· 112·0 current·0 all-time
byVasiliy@vassiliylakhonin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description map to an operator-style assistant for the santifer/career-ops repo. The SKILL.md references repository artifacts (cv.md, config/profile.yml, portals.yml) and npm scripts (doctor, sync-check, merge, verify, normalize, dedup) that are appropriate for repo maintenance and pipeline workflows.
Instruction Scope
Instructions are scoped to repository files and explicit modes, and include sensible hard boundaries (no blind mass-apply, no implicit installs). However, the agent is instructed to run npm scripts (e.g., npm run doctor, npm run merge) which may execute arbitrary code defined in the repository; the skill correctly requires explicit user approval before any command that downloads packages or changes dependencies.
Install Mechanism
Instruction-only skill with no install spec and no external downloads referenced. There is no installer or archive extraction written to disk by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths beyond repository files it will operate on, which matches its purpose.
Persistence & Privilege
always is false and the skill does not request permanent/global presence or modifications to other skills or system-wide agent settings.
Assessment
This skill appears coherent for operating a Career-Ops repo, but it will run repository npm scripts and edit repo files. Before allowing it to execute commands, review the repository's package.json scripts and the contents of any scripts/*.mjs referenced by those scripts to ensure they don't perform unexpected network access or system changes. Always confirm any command that installs packages or downloads binaries (the SKILL.md explicitly requires user approval for such commands). Consider running the workflows in a sandboxed environment or a clone of your repo until you’re comfortable with the actions the scripts perform. If you want stronger assurance, ask the skill publisher for the exact npm script definitions or run npm run --silent <script> locally to inspect behavior before granting execution.

Like a lobster shell, security has layers — review code before you run it.

cv-tailoredvk979s5cwkn4571h6qg068d52x585067gjob-searchvk979s5cwkn4571h6qg068d52x585067glatestvk97fp77avc5nsxqkhcrc58yk6x851qh4resumevk979s5cwkn4571h6qg068d52x585067g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments