resume-bullet-writer
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely informational and instructional. It provides frameworks (STAR, XYZ, CAR), action verbs, and examples for resume writing without utilizing any external tools or code execution.
- [PROMPT_INJECTION]: No evidence of prompt injection, jailbreak attempts, or instructions to bypass safety filters was found in the instructions or metadata. The content is strictly focused on its stated purpose of career development.
- [DATA_EXFILTRATION]: There are no network-enabled commands (e.g., curl, wget) or instructions to send data to external domains. The skill does not access sensitive environment variables or local credential files.
- [REMOTE_CODE_EXECUTION]: No remote scripts are downloaded or executed. There are no dependencies or package management files (e.g., requirements.txt, package.json) that could introduce supply chain risks.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests untrusted user input (resume bullets), it lacks any dangerous capabilities—such as file system writes, network requests, or shell execution—that could be exploited via malicious content within the user's resume. The risk is negligible as it only performs text-to-text transformations.
Audit Metadata