Head Hunter

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent instruction-only recruitment matching skill, with only minor notes about unpinned setup guidance, missing referenced code, and the need for human review of hiring recommendations.

This skill appears benign as an instruction-only recruitment assistant. Before installing or using related code, verify any external repository files and pin dependencies if needed. When using it for hiring, avoid unnecessary personal data, get appropriate permission to process candidate information, and keep final decisions under qualified human review.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the dependency may pull the latest package version available at install time, which can affect reproducibility or supply-chain assurance.

Why it was flagged

The skill documents installing an unpinned Python package. This is common and purpose-aligned for validating candidate contact emails, but users should be aware it relies on package-index provenance and version selection.

Skill content

"install":["pip install email-validator"]

Recommendation

Install dependencies from a trusted Python environment and consider pinning a known-good version for production or regulated recruiting workflows.

What this means

Users may expect reviewed local code to exist, but following the README literally would require additional files or packages not included here.

Why it was flagged

The README references running a test script and importing a headhunter package, but the provided artifact manifest contains only SKILL.md and README.md. Any referenced code would come from outside the reviewed artifact set.

Skill content

`pip install email-validator && python3 test_headhunter.py`

Recommendation

Before running any referenced external repository code or test scripts, inspect that code separately and verify its source.

What this means

Automated rankings or recommendations could influence real hiring outcomes if used without human review.

Why it was flagged

The skill is explicitly intended to support candidate evaluation and hiring recommendations. That is purpose-aligned, but the recommendations may materially affect people if over-trusted.

Skill content

Needs help with hiring decisions

Recommendation

Use the skill as an aid only; apply human review, documented criteria, privacy controls, and applicable employment-law or anti-bias checks.