Skills
skills/dataeq/go-people-skills/apply/Gen Agent Trust Hub

apply

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONNO_CODE
Full Analysis
  • PROMPT_INJECTION (LOW): The /apply endpoint includes a 'notes' field that serves as a surface for indirect prompt injection. 1. Ingestion points: 'notes' and 'about' fields in the /apply request body enter agent context from user input. 2. Boundary markers: Absent in the specification. 3. Capability inventory: Authenticated network POST requests to an external API. 4. Sanitization: None specified in the definition.
  • DATA_EXFILTRATION (LOW): The skill transmits personal data (email, name, LinkedIn) to the non-whitelisted domain go-people.goodoutcomes.ai.
  • DATA_EXFILTRATION (LOW): The resume upload process generates a public URL for documents, potentially exposing personal information if the URL is accessed by unauthorized parties.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:51 PM