Fake Recruiter Take-Home Trap
A fake hiring conversation pushes the target to clone, install, or run a repo presented as a take-home task or broken project.
How the pattern works
The scam starts as a normal job lead. The attacker uses recruiter language, a remote role, or a freelance debugging request to make running code feel like part of the hiring process.
The dangerous handoff happens when the target receives a repository and is expected to install dependencies or start the app locally. At that point the scam has moved from persuasion into code execution.
Why it is effective
Developers are used to proving skill by running projects. A take-home task or "can you check why this app is broken?" request can feel routine, especially when the opportunity sounds attractive.
That normal workflow creates the opening. The attacker does not need the message to contain malware if the repo does.
What to check
Verify the recruiter, company, and role before touching the code. Then inspect the repo statically before installation.
If the hiring process is vague but the pressure to run a repo is high, treat the repo like an executable attachment from a stranger.
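One way to do the static inspection described above, as an added example that is not part of the original page: a Python script that only reads a cloned repo and lists the places where installing dependencies, starting the app or opening the folder would execute code. The files it looks at (npm package.json scripts, setup.py, VS Code tasks.json) and the function names are assumptions chosen for illustration, and the sample repo is constructed.

```python
import json
import tempfile
from pathlib import Path
# package.json scripts npm runs on `npm install`, plus "start" (`npm start`).
NPM_HOOKS = ("preinstall", "install", "postinstall", "prepare", "start")

def find_exec_hooks(repo):
    """List (file, hook, command) for code run on install, start or folder open; read-only."""
    repo, findings = Path(repo), []
    for path in sorted(repo.rglob("*")):
        name = path.relative_to(repo).as_posix()
        if not path.is_file() or ".git" in name.split("/"):
            continue
        vscode_tasks = name.endswith(".vscode/tasks.json")
        if path.name == "setup.py":  # executed by pip on a source install
            findings.append((name, "setup.py", "<python file>"))
        if path.name != "package.json" and not vscode_tasks:
            continue
        try:
            data = json.loads(path.read_text(encoding="utf-8", errors="replace"))
        except ValueError:  # e.g. tasks.json with comments: read it by hand
            findings.append((name, "unparsed", "<review manually>"))
            continue
        data = data if isinstance(data, dict) else {}
        if vscode_tasks:
            tasks = data.get("tasks")
            for task in tasks if isinstance(tasks, list) else []:
                opts = task.get("runOptions") if isinstance(task, dict) else None
                if isinstance(opts, dict) and opts.get("runOn") == "folderOpen":
                    findings.append((name, "folderOpen", str(task.get("command"))))
        else:
            scripts = data.get("scripts")
            for hook in NPM_HOOKS:
                if isinstance(scripts, dict) and hook in scripts:
                    findings.append((name, hook, str(scripts[hook])))
    return findings

def scan_constructed_sample():
    """Build a constructed take-home repo in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / ".vscode").mkdir()
        (root / "package.json").write_text(json.dumps(
            {"scripts": {"postinstall": "node tools/setup.js", "test": "jest"}}))
        (root / ".vscode" / "tasks.json").write_text(json.dumps({"tasks": [
            {"command": "node tools/setup.js", "runOptions": {"runOn": "folderOpen"}}]}))
        return find_exec_hooks(root)

if __name__ == "__main__":
    print(*scan_constructed_sample(), sep="\n")
```

An empty result does not clear the repo; it only means these particular hooks are absent, and every file a listed command points to still has to be read before anything is installed or started.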