post-job

Security checks across malware telemetry and agentic risk

Overview

This skill is built for job posting, but it can publish public hiring content through a third-party relay without a clear final confirmation step.

Install only if you intend to publish real public job postings through Fuku AI. Use a dedicated hiring email, avoid confidential roles or sensitive company details, and require your agent or workflow to show a final preview and get explicit confirmation before posting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill metadata promises posting to 20+ job boards, but the implementation only talks to Fuku AI endpoints and triggers LinkedIn sync/status operations. This is a deceptive capability mismatch that can mislead users into disclosing job, company, and applicant-routing email data under false assumptions about distribution and service behavior.

Intent-Code Divergence

Medium
Confidence: 90%
Finding
The success message states that LinkedIn monitoring should continue automatically until a URL is available, but the function returns immediately and performs no polling or background monitoring. This can cause users to rely on nonexistent follow-up behavior, potentially missing failed postings or assuming external publication occurred when it did not.

Vague Triggers

Medium
Confidence: 78%
Finding
The skill encourages broad natural-language invocation such as posting a job from casual phrasing, but it does not define strict trigger boundaries, exclusions, or confirmation requirements before transmitting data externally. In an agentic environment, that increases the chance of accidental job publication or unintended disclosure of job descriptions, company names, and hiring email addresses to a third-party service.

Missing User Warnings

Medium
Confidence: 90%
Finding
The script transmits job identifiers to a third-party service (hapi.fuku.ai) with an embedded client identifier and no visible consent, disclosure, or trust-boundary warning to the user. In a hiring workflow, job IDs can be sensitive operational metadata, and silent transmission to an external relay increases privacy, compliance, and data-governance risk, especially because the skill description does not clearly emphasize this dependency.

VirusTotal

65/65 vendors flagged this skill as clean.
