linkedin-jobs
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill fetches untrusted job descriptions and summaries from LinkedIn. * Ingestion points: scripts/fetch_linkedin_job.py and scripts/search_linkedin_jobs.py (via the BrightData API response). * Boundary markers: Absent. The scripts return raw JSON data to the calling agent. * Capability inventory: The scripts themselves only perform network reads and print to stdout; no dangerous system capabilities are present in this skill's code. * Sanitization: Absent. Content is passed from the API to output without filtering.
- [Network Operations] (SAFE): The scripts communicate with api.brightdata.com to fulfill their primary purpose. This is legitimate behavior consistent with the skill's description.
Audit Metadata