Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Resume Project Analyzer

v1.0.3

Transforms project experience into industrial-strength resume bullets with architectural depth. Use this skill whenever the user wants to write resume conten...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description (transform project experience into deep resume bullets) matches the instructions: it auto-detects repository vs. pasted text, scans project files and git metadata, and generates drafted bullets. One mismatch to note: registry metadata says 'instruction-only', but the package contains many other skill folders and code files — this repository appears to bundle multiple skills/examples, which is plausible for a demo repo but worth verifying the exact source before installing.
Instruction Scope
Runtime instructions explicitly tell the agent to read and write ~/.claude/resume-library.md, check .git/config for remote URLs, and run git log to collect commit author emails (git log --format="%ae" | sort -u | wc -l). Those actions are coherent for auto-scanning a repo, but they access personal information (commit emails, remote URLs) and persist the analysis locally. The SKILL.md also contains many system-level role directives (prompt-style instructions) that change the agent's behavior.
Install Mechanism
There is no install specification (instruction-only skill) and no downloads or extract steps. That is lower risk from an install-vector perspective. However, the repository manifest shows many files and other skill subfolders; verify you are installing the intended skill and source URL.
Credentials
The skill declares no required environment variables or credentials, which is proportionate to its stated purpose. The remaining concern is not env-vars but the data it reads (local files and git metadata) which can include sensitive info even without secrets.
Persistence & Privilege
The skill automatically saves outputs to ~/.claude/resume-library.md across sessions. It is marked always:false (not force-enabled), but persistent local storage of analysis, together with the agent's stated intent to 'understand the user's tech background and calibrate writing style', means it may accumulate personal and project data without explicit per-run consent. Combined with autonomous invocation (default model invocation is not disabled), this increases the amount of data the skill could collect over time.
Scan Findings in Context
[system-prompt-override] expected: The SKILL.md contains system-level role and behavior instructions (e.g., 'You are a senior distributed systems architect...', 'Three engines are always active', 'Must complete before generating any content'). Those are expected for a skill because it needs to instruct the agent how to behave, but such directives can act like prompt-injection and should be reviewed since they modify the agent's system behavior.
What to consider before installing
- Source verification: This repository contains many skill folders and files. Only install if you trust the source (the registry shows 'unknown' source/homepage). Prefer installing from a verified repo URL that you can inspect.
- Local reads/writes: The skill will read ~/.claude/resume-library.md and .git/config, and run git commands that surface commit author emails and repo remotes. That can expose personal email addresses, repo origins, and other PII. If you don't want that data read or stored, do not allow the skill to scan code repositories.
- Persistent storage: The skill automatically appends results to ~/.claude/resume-library.md. If you install it, check that file to see what it stores; consider backing it up, review its contents regularly, or remove/clear it if you don't want persistent records.
- Usage options: Prefer the paste/text mode (Mode B) rather than allowing automatic repo scans if you want to avoid exposing repo metadata. If you do allow repo scans, run them on sanitized or non-sensitive copies first.
- Prompt directives: The skill contains system-style instructions that change agent behavior. This is normal for skills but increases the need to trust the skill. If possible, run the skill in a sandboxed environment first to confirm its behavior.
- If you need higher assurance: Inspect the SKILL.md and any code files locally before installing; ensure there are no network exfiltration calls or unexpected external endpoints. If you are unsure, do not install it or run it against private repositories.
skills/skills/claude-api/typescript/agent-sdk/patterns.md:199
Prompt-injection style instruction pattern detected.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

latest: vk9736v56fnqykjs8z76z0m2w1n83sw46
