tailored-resume-generator
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUMNO_CODEPROMPT_INJECTIONSAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data, such as job descriptions and resumes, which serves as a potential vector for indirect prompt injection.\n
- Ingestion points: SKILL.md describes processes for analyzing job descriptions and candidate backgrounds provided by users.\n
- Boundary markers: There are no instructions for the agent to use delimiters or defensive filtering when processing these inputs.\n
- Capability inventory: No executable capabilities (network, file-write, or subprocesses) are defined in any scripts.\n
- Sanitization: No sanitization or validation of the input text is performed.\n- [PROMPT_INJECTION]: The skill's metadata (YAML frontmatter) contains a 'sercurity-review' field claiming a review by an external entity ('theskills.ai'), which is an unverifiable claim regarding the skill's safety.\n- [NO_CODE]: No executable scripts, binaries, or configuration files for code execution are present in the skill package.
Audit Metadata