Maxhub Linkedin

Security checks across malware telemetry and agentic risk

Overview

This is a read-only LinkedIn data skill, but it warrants review because it enables broad collection of personal, contact, employee, and professional-profile data without clear consent or acceptable-use guardrails.

Install only if you have an authorized, lawful reason to query LinkedIn data through MaxHub. Treat profile details, contact info, employee lists, recommendations, and activity data as sensitive personal data; avoid bulk prospecting, background checks, or employee profiling without consent or a documented legal basis. Use a dedicated MaxHub API key, confirm ambiguous people-search requests before querying, and avoid force reinstall commands unless local skill changes are backed up.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (11)

Missing User Warnings

Medium (93% confidence)
Finding
The skill explicitly promotes collection of LinkedIn profile data, contact information, relationships, activity, and other personal attributes, but does not provide clear safeguards around consent, lawful basis, retention, or downstream handling of personal data. This creates a realistic risk of privacy abuse, unauthorized profiling, and misuse of sensitive professional information, especially because the tool is positioned for large-scale marketing, recruiting, and intelligence workflows.

Missing User Warnings

Medium (95% confidence)
Finding
The documented use cases include background investigation, talent profiling, competitive intelligence, and contact discovery, all of which can materially affect individuals and organizations if used without notice or authorization. Because the skill frames these activities as beneficial workflows without an explicit warning about privacy, consent, and legal/ethical constraints, it increases the likelihood of misuse for invasive monitoring or non-consensual due diligence.

Missing User Warnings

Medium (93% confidence)
Finding
The index enumerates many LinkedIn user/profile/contact and company intelligence retrieval atoms, including contact-info endpoints, but provides no privacy, consent, or acceptable-use warning. In a skill explicitly designed for large-scale LinkedIn data collection and intelligence gathering, this omission increases the risk of misuse for scraping, profiling, and unauthorized personal-data access.

Missing User Warnings

Medium (88% confidence)
Finding
The skill explicitly documents endpoints for retrieving employee lists and member insights, which can expose personal and organizational intelligence without any visible privacy notice, purpose limitation, or access-control guidance in the reference. In a LinkedIn data collection context focused on B2B marketing, recruiting, talent profiling, and competitive intelligence, omission of privacy safeguards increases the risk of misuse, over-collection, and processing of personal data in ways users may not expect.

Vague Triggers

Medium (91% confidence)
Finding
The recipe trigger keywords are short, generic, and semantically overlap with common LinkedIn-related user requests such as finding people, jobs, posts, or company information. In an agent routing system, this can cause unintended recipe activation, leading to over-collection of third-party LinkedIn data or execution of a broader workflow than the user explicitly intended.

Vague Triggers

Medium (90% confidence)
Finding
The trigger phrase set for this recipe includes broad, common-language terms such as “搜索帖子” (search posts), “找帖子” (find posts), and “领英文章” (LinkedIn articles), which can match routine user requests beyond the narrowly intended workflow. In an agent setting, overly broad triggers can cause unintended invocation of LinkedIn data-collection actions, increasing the chance of unnecessary external queries, privacy-impacting lookups, or routing the user into a higher-risk data access path without sufficient specificity.

Vague Triggers

Medium (89% confidence)
Finding
The trigger phrases are very broad and can activate on generic user requests like '找工作' (find a job) or '搜索职位' (search jobs) without clear scope limits, increasing the chance that this recipe is invoked when the user did not specifically intend a LinkedIn job search. In an agent setting, overly broad activation boundaries can cause unintended tool use, unnecessary external queries, and possible disclosure of user intent or search terms to third-party APIs.

Vague Triggers

Medium (88% confidence)
Finding
The trigger phrases for the people-search recipe are broad enough to match generic requests like '找人' (find people) or '搜索人' (search people), which can cause the agent to invoke LinkedIn data collection when the user did not clearly request this specific skill. In a data-enrichment skill that retrieves external profile information, overly broad routing increases the risk of unintended personal-data access and mis-execution.

Vague Triggers

Medium (84% confidence)
Finding
The trigger phrases for the top-card/profile-summary recipe are vague ('用户概览' (user overview), '快速了解' (quick overview)) and may match many unrelated requests. Because this skill is designed to fetch LinkedIn profile data, ambiguous invocation can lead to unnecessary third-party data retrieval or disclosure when the user intended a generic summary rather than LinkedIn-specific enrichment.

Missing User Warnings

Medium (91% confidence)
Finding
The skill documents endpoints for retrieving user contact information containing PII but does not provide a clear privacy warning, consent requirement, or usage restriction. In a data-enrichment and intelligence-gathering context, this can normalize collection of sensitive personal data without ensuring lawful basis, user authorization, or downstream handling safeguards.

Missing User Warnings

Medium (90% confidence)
Finding
The file advertises broad retrieval of personal profile data, recommendations, interests, reactions, and recent activity across multiple endpoints without a consolidated privacy notice or safe-use constraints. In the context of LinkedIn intelligence gathering, this increases the risk of large-scale profiling, surveillance, or misuse of personal data because the documentation emphasizes coverage and chaining but not consent, minimization, or sensitivity controls.

VirusTotal

60/60 vendors flagged this skill as clean.