skills/jimrand/jimrand-plugins/review/Gen Agent Trust Hub

review

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUM · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • Dynamic Execution (MEDIUM): Path Traversal Vulnerability. The skill constructs local file paths dynamically using a type-slug variable in Step 0 and Step 2 to locate reference documentation (e.g., CLAUDE_PLUGIN_ROOT/skills/identify/references/types/[type-slug].md). If the document identification process is subverted to return a malicious identifier containing traversal sequences, the agent may attempt to read unauthorized files within the environment.
  • Indirect Prompt Injection (LOW): Vulnerability to untrusted data. The skill ingests user-provided resumes for analysis. Evidence:
      1. Ingestion points: Input Handling and Step 0.
      2. Boundary markers: Absent; the resume text is processed without explicit delimiters.
      3. Capability inventory: Local file read access and text output; no network or shell execution capabilities are active.
      4. Sanitization: No filtering or escaping is applied to the untrusted resume content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 03:34 AM