job-application-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an architectural surface for indirect prompt injection because it is designed to process untrusted data from external sources and user files.\n
- Ingestion points: The skill retrieves external job descriptions using the
WebFetchandWebSearchtools and reads user-provided resumes via theReadtool.\n - Boundary markers: Absent; the skill does not provide the agent with specific delimiters or instructions to ignore or isolate potentially malicious instructions embedded within the job descriptions or resumes.\n
- Capability inventory: The skill is granted permissions for
Read,Write,Edit,WebSearch, andWebFetch, which allow the agent to perform network requests and modify local files based on the content it processes.\n - Sanitization: Absent; there are no verification or sanitization steps defined for the content fetched from external job boards or user resumes before it is used to influence the agent's behavior.
Audit Metadata