A reminder for all devs
this is a reminder for all devs:
don’t blindly run code from unknown sources
especially in "take-home assignments"
even if:
- the recruiter looks legit
- the company name is real
- the process feels professional
always verify:
- github org
- codebase
- what actually runs on install
almost got tricked today… and it looked 100% legit
a recruiter reached out to me for a Web3 role
good company name, strong salary ($120–150/h), clean conversation, structured process…
everything felt real, until they sent a "technical test"
👉 a github repo, looked normal
👉 once they said will send a simple task (30 min), something felt off
so instead of running it blindly, I checked the code first…
and yeah… hidden obfuscated script inside a config file (tailwind.config.js)
basically something that has NOTHING to do with styling
and definitely shouldn’t be there
at that point it was clear: this wasn’t a normal hiring process
this kind of stuff is getting more common lately (especially in web3/dev space)
stay sharp. anyone else here faced something similar?
