Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
automate applying to jobs with email
v1.0.0 · Automated job application assistant. Searches for jobs on LinkedIn, Indeed, Glassdoor, Wellfound, Agentur für Arbeit, and direct URLs, composes personalised...
by ZHDesignS (@z-hussein)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The name/description match the files and instructions: the skill searches job boards, drafts emails, sends via Gmail SMTP, and logs to Applications.json. Asking the user to provide a CV, templates, and target companies is expected for this purpose.
Instruction Scope
The SKILL.md explicitly tells the agent to 'check inbox' and 'process replies' but provides only SMTP settings (for sending) in references/CONFIG.md — it does not describe how to read inbound mail (IMAP/POP or Gmail API/OAuth) or include credentials for inbox access. The agent is also instructed to scrape multiple job boards and find recruiter emails; scraping and automated access have rate limits and TOS implications (LinkedIn noted elsewhere). The agent is told to read local files (CONFIG.md, Applications.json, templates) which is expected, but the missing/incomplete inbox access method is a functional and security-relevant gap.
Install Mechanism
This is an instruction-only skill with no install steps or code files to execute — lower install risk. All runtime behavior comes from the prose and included reference files.
Credentials
The registry metadata lists no required env vars or credentials, yet the instructions require placing a Gmail App Password into references/CONFIG.md (a local plaintext file), and the README expects a WhatsApp integration. This is a mismatch: the skill needs sensitive credentials but does not declare them, and storing an app password in a file without guidance on file protection is risky. BCCing a personal email on every outbound message and sending daily WhatsApp digests increases data exposure surface.
Persistence & Privilege
always:false and no install hooks are present. The skill will create and update Applications.json (documented); that is intended local persistence and consistent with its purpose. Autonomous invocation is allowed (platform default) but is not combined here with other high privileges.
What to consider before installing
Key things to consider before installing or running this skill:
- Inbox access gap: The skill describes checking and processing inbound replies but only documents SMTP sending (app_password). Ask the author how the agent will read your inbox (IMAP/POP or Gmail API) and what credentials/permissions are required. Do not assume the agent can safely access your primary mailbox.
- Use a dedicated account: If you proceed, create a dedicated Gmail account for job applications and generate a Gmail App Password for that account. Never use your primary or work email. Keep the app password isolated and rotate it if you stop using the skill.
- Local secret storage: The skill instructs you to put the app password into references/CONFIG.md (plaintext). Protect that file (restrict filesystem permissions) or ask for a secure alternative (platform secret store or environment variable). Treat this file as sensitive.
- Start in review mode and limit scope: Keep the skill in Review Mode until you confirm it drafts appropriate emails and tracking behavior. Limit searches/auto-sends (e.g., lower the per-session max) while testing.
- Privacy and exposure: The skill BCCs a personal email and can send WhatsApp digests — consider removing the BCC or WhatsApp notifications until you trust the behavior. Review Applications.json regularly and back it up; it contains your application history.
- Legal/TOS risk: Automated scraping of LinkedIn/other job boards can trigger rate limits or violate terms of service. The Platform-notes mention rate limits; respect them and avoid mass automated scraping.
- Ask for clarifications or improvements: specifically request (a) explicit inbox access method and required permissions, (b) whether any network endpoints other than job boards, Gmail SMTP, and WhatsApp will receive your data, and (c) an option to keep all secrets in platform-managed secret storage rather than plaintext files.
If the author cannot clearly explain how inbound email access is handled and how secrets are protected, do not run this skill against any account that contains important or sensitive data.
Tags: automation
