faion-hr-recruiter
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
NO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of Markdown documentation, templates, and frameworks for HR processes such as recruitment funnels and onboarding phases. No executable scripts (Python, JavaScript, Shell) or configuration files that trigger code execution were found across the 70 analyzed files.
- [PROMPT_INJECTION] (SAFE): No instructions targeting the agent's behavior, attempting to override system constraints, or bypassing safety filters were detected. The content is strictly professional and focuses on HR best practices.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials (API keys, tokens), sensitive file paths (e.g., SSH keys), or network-enabled commands (e.g., curl, wget) are present in the documentation or metadata.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill defines workflows for processing external data such as resumes and candidate feedback. However, since the package contains no actual implementation code, automation logic, or prompts for an LLM to process this data, it presents no immediate vulnerability surface.