getajob
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill ingests untrusted data from web search results to generate resumes and cover letters.
  - Ingestion points: External job listings and company news retrieved via web search are processed and summarized.
  - Boundary markers: Absent. There are no instructions to delimit or treat external web content as untrusted data within the prompts.
  - Capability inventory: File system write access to ~/getajob/ and web search capabilities.
  - Sanitization: Absent. The skill does not specify any sanitization, filtering, or validation of the content retrieved from external job boards.
- Category 2 (LOW): Data Exposure. The skill stores user preferences and application materials in a predictable local directory (~/getajob/). While this is functional for the skill's purpose, it aggregates sensitive career data that could be targeted by other malicious tools in the environment.