candidate-kb
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill dynamically assembles shell commands for the
braggerCLI tool by interpolating data extracted from user-provided resumes and messages into command-line arguments like--dataand--content. Maliciously crafted input within a resume could attempt to break out of the command string to execute unauthorized shell operations.- [PROMPT_INJECTION]: The skill exhibits an attack surface for Category 8 (Indirect Prompt Injection) as it processes untrusted external content. - Ingestion points: CV files or text provided by the user via the Read tool or direct pasting, as specified in the CV Ingestion capability.
- Boundary markers: Absent. The skill instructions do not require the use of delimiters or 'ignore instructions' markers when handling CV content.
- Capability inventory: The agent executes the
braggerCLI tool which performs file-system writes to thecandidate-kb.jsonlfile. - Sanitization: Absent. There are no instructions for the agent to escape, validate, or sanitize the data extracted from resumes before passing it to the CLI interface.
Audit Metadata