job-application-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown instructions for the AI agent and does not provide any executable Python, JavaScript, or shell scripts. This significantly reduces the threat profile by eliminating potential for malware execution or privilege escalation.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection based on its intended workflow of ingesting and analyzing untrusted external content.
- Ingestion points: The skill instructs the agent to process data from job descriptions retrieved via 'WebFetch' and resume content via the 'Read' tool.
- Boundary markers: The instructions lack explicit delimiters or markers to isolate the ingested job/resume data from the agent's core instructions, which could allow maliciously crafted text in a job description to influence agent behavior.
- Capability inventory: The skill is authorized to use 'Read', 'Write', 'Edit', 'WebSearch', and 'WebFetch' tools, providing a wide range of actions that could be targeted by an injection.
- Sanitization: No sanitization, filtering, or validation steps are included for the data retrieved from external job postings or user-provided files.
Audit Metadata