cv-creator
Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to "Fetch job description from URL" and extract keywords from that job posting (see references/interfaces-integration.md "Standalone Quick Optimization" and references/resume-protocol.md Step 1). It therefore ingests untrusted public web content that directly influences resume generation and subsequent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches a job description from a user-provided external job posting URL at runtime ("Optimize my resume for this job posting: [URL]"), e.g., an arbitrary external job posting URL such as https://jobs.example.com/role/12345. The fetched content is used to extract keywords and directly control the model's resume-generation prompts, so this is a runtime external dependency that can control agent behavior.
Audit Metadata