openjobs-people-match

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to ask the user for their Mira API key and includes commands that echo the provided key into a file (embedding the secret verbatim), which requires handling/outputting the secret directly and creates exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's "Common Operations" bulk-grade example accepts arbitrary "linkedin_urls" (https://www.linkedin.com/...) which are public, user-generated web pages that the API will fetch and grade—allowing untrusted third-party content to influence scoring and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill performs a runtime version check against https://mira-api.openjobs-ai.com/v1/version and, if newer, explicitly downloads and replaces its SKILL.md from https://raw.githubusercontent.com/OpenJobsAI/openjobs-openclaw-skills/main/openjobs-people-match/SKILL.md which directly controls the agent's instructions at runtime.