resume-screener
Fail
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- Prompt Injection (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8). Evidence:
  1. Ingestion points: The 'Evaluate Resume' section in SKILL.md ingests untrusted resume data.
  2. Boundary markers: No delimiters or instructions to ignore embedded commands are present in the instructions.
  3. Capability inventory: The skill makes high-impact decisions including 'Interview Recommendation' and 'Priority Matrix' classification.
  4. Sanitization: No sanitization or validation of resume content is performed, allowing malicious instructions within a resume to manipulate the candidate evaluation results.
- External Downloads (MEDIUM): The skill references an unverifiable dependency, '@clawfu/mcp-skills', as an MCP server. Evidence: The metadata specifies an MCP server from an untrusted author ('ClawFu'), which poses a risk of a supply chain attack or execution of unvetted code.
Recommendations
- AI detected serious security threats
Audit Metadata