resume-manager

The documented skill appears functionally consistent and not overtly malicious from the provided description. The primary security/privacy risks are (1) persistent local storage of highly sensitive PII at a predictable path without documented encryption or access controls, (2) inability to audit the actual implementation (scripts are not provided) which could contain network exfiltration, telemetry, or code-execution behaviors, and (3) use of skill-directory imports and dependency installation which broaden the supply-chain attack surface. Before trusting this package, inspect scripts/resume_db.py and scripts/pdf_generator.py for network usage, dynamic execution, logging of PII, and ensure storage is configurable/secure and dependencies are pinned.