ClawHub

Automate your Job Search

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Mokaru career-management skill that can read and modify sensitive job-search data, but its behavior is coherent with its stated purpose and shows no hidden or malicious actions.

Install only if you trust Mokaru and the publisher with your career data. Store MOKARU_API_KEY securely, do not paste it into chats or commit it to files, and require confirmation before the agent updates, deletes, exports, or auto-tailors resumes, contacts, applications, profile, education, experience, or skills records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill markets itself as not submitting applications and as a job-search helper, but the documented API surface includes broad CRUD access to profile, resume, contacts, education, experience, and skills records. This scope mismatch can mislead users and hosting agents into invoking a much more powerful data-management integration than expected, increasing privacy and unauthorized-action risk.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
Contact-management endpoints let the skill read, create, update, and delete networking contacts, including email, phone, and LinkedIn data, which exceeds a narrow job-search/apply workflow. In context, this expands the blast radius from job discovery into third-party personal data handling without clear justification or user warning.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill exposes extensive management of profile, resumes, experiences, education, and skills, allowing broad read/write/delete access to sensitive career-history data. That exceeds the described auto-apply/job-search role and creates a larger opportunity for overcollection, silent modification, or destructive changes if the skill is triggered in ordinary career conversations.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README advertises multiple state-changing and destructive operations such as create, patch, and delete across applications, contacts, profile, resumes, experiences, education, and skills, but provides no warning that these actions can alter or remove user records. In an agent setting, this increases the chance of unintended writes or deletions being triggered from natural-language requests, especially where the user may not realize the skill has broad modification authority over sensitive career data.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README tells users to place a live API key in an environment variable but omits basic credential-handling warnings such as not committing secrets, rotating exposed keys, and avoiding logging or sharing them. Because the key appears to grant access to sensitive job-search, profile, resume, and contact data, poor secret hygiene could expose personal information and allow unauthorized modification or deletion of records.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger text covers very broad phrases like job hunting, career search, applying, resume optimization, interview prep, and application tracking. Because the skill also has wide read/write powers over personal records, broad activation criteria increase the chance of unintended invocation and unnecessary exposure or modification of user data.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The introductory documentation does not clearly warn that using the skill may read and transmit substantial personal data such as profile details, resumes, work history, education, contacts, and application records to an external service. This undermines informed consent and makes the external transmission more dangerous in the context of highly sensitive career data.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
Delete operations are documented as routine actions without requiring an explicit confirmation step or warning about permanence and side effects. In a conversational agent context, this creates a meaningful risk of accidental or prompt-induced destructive actions against user data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal