apply-job

The skill's described purpose (automated job applications with resume tailoring and multi-channel recruiter outreach) is broadly coherent with its workflow. However, there are notable security and privacy concerns: automatic execution (AUTO-PROCEED) without user confirmation, credential handling for Gmail/LinkedIn, broad data exfiltration paths via WebFetch/WebSearch, and potential transfer of highly personal data to third-party services. The use of unverified or broad automation across multiple external platforms increases risk of credential leakage and unintended actions. Trust hinges on explicit controls, secure credential handling, constrained data flows to official APIs, and user-permission prompts for each outreach action. At present, the footprint shows suspicious-to-high risk signals due to credential exposure vectors, autonomous real-world actions, and multi-service data flow that could lead to data leakage or abuse.