talent-acquisition
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill follows standard operating procedures for talent acquisition and includes benign Python scripts for metric analysis and document generation.
- [COMMAND_EXECUTION]: The skill provides Python scripts (
candidate_pipeline_tracker.py,interview_scorecard.py,job_posting_analyzer.py) for local execution. Analysis of these scripts confirms they perform purely analytical tasks (CSV parsing, regex-based text analysis) without invoking shell commands or accessing external network resources. - [DATA_EXPOSURE]: Script file access is limited to reading user-provided input files (CSV and markdown). There is no access to sensitive system directories (~/.ssh, ~/.aws) or environment variables containing credentials.
- [PROMPT_INJECTION]: The instructions in
SKILL.mddefine a senior talent acquisition role and workflow. There are no patterns suggesting attempts to bypass safety filters, override system instructions, or extract internal configuration.
Audit Metadata