Trusted — Risk Score 5/100
Last scan: 16 hr ago
batch-resume-screener
Batch screens multiple resumes against multiple job positions using strict evaluation rules
This is a legitimate batch resume screening skill with no security issues. The Python script safely extracts PDF text content using pdfplumber, and all documentation accurately reflects the implementation.
Skill Name: batch-resume-screener
Duration: 41.2s
Engine: pi
Safe to install
This skill is safe to use. No security concerns identified.

Findings (1 item)

Severity   Finding                         Location
Low        Dependency version not pinned   Supply Chain

The README.md documents 'pip install pdfplumber' without version constraints. While pdfplumber is a well-known legitimate library, version pinning is a best practice for supply chain security.

    pip install pdfplumber

→ Consider pinning the dependency version (e.g., pip install pdfplumber>=0.10.0) to ensure reproducible builds
Location: README.md:147
Resource       Declared   Inferred   Status      Evidence
Filesystem     WRITE      WRITE      ✓ Aligned   step1_extract_resumes.py creates output .txt files in user-specified directory
Network        NONE       NONE                   No network requests in implementation
Shell          NONE       NONE                   No subprocess or shell execution in step1_extract_resumes.py
Environment    NONE       NONE                   No environment variable access in implementation
Skill Invoke   NONE       NONE                   No skill invocation observed
Clipboard      NONE       NONE                   No clipboard access
Browser        NONE       NONE                   No browser access
Database       NONE       NONE                   No database access

File Tree

3 files · 28.4 KB · 802 lines
Markdown 2f · 724L Python 1f · 78L
├─ 📝 README.md Markdown 169L · 7.3 KB
├─ 📝 SKILL.md Markdown 555L · 18.7 KB
└─ 🐍 step1_extract_resumes.py Python 78L · 2.4 KB

Dependencies (1 item)

Package      Version   Source   Known Vulns   Notes
pdfplumber   *         pip      No            Version not pinned, but library is well-known and legitimate

Security Positives

✓ SKILL.md and README.md are consistent and accurately describe the skill's functionality
✓ Python script uses only standard libraries plus pdfplumber - no suspicious dependencies
✓ No network requests, shell execution, or credential access
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No base64 encoding/decoding or obfuscation techniques
✓ Proper file handling with cleanup of temporary directories
✓ Input validation on command-line arguments
✓ No eval, exec, or dynamic code execution
✓ Script stays within its designated output directory