job-description-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the ingestion of untrusted job description data.
  • Ingestion points: The skill accepts untrusted data from pasted text, uploaded PDF/Word documents, and external URLs via the WebFetch tool as described in Phase 1 (Document Intake).
  • Boundary markers: Absent. The skill instructions do not specify the use of delimiters or 'ignore' instructions to separate the untrusted input data from the agent's core instructions.
  • Capability inventory: The skill has the capability to write Markdown and JSON files to the '~/career-applications/' directory and perform network read operations via the WebFetch tool.
  • Sanitization: Absent. The extracted text from the job posting is processed directly and interpolated into the output analysis without explicit sanitization or escaping of potentially malicious content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 01:07 AM