resume-updater
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-controlled data from a local JSON file without sanitization, creating a surface for indirect prompt injection.\n
- Ingestion points: The skill reads 'career-profile.json' from the project root directory to contextualize the interview process (SKILL.md).\n
- Boundary markers: The instructions do not define delimiters or provide guidance to ignore instructions found within the ingested data.\n
- Capability inventory: The skill has the ability to write to the file system to update the 'career-profile.json' file.\n
- Sanitization: There is no requirement or logic provided for the agent to sanitize or validate data read from the file before processing it.
Audit Metadata