analyze-resume
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection as it processes untrusted data from external files.
- Ingestion points: External PDF and text files are read in 'Phase 0' using a system 'Read' tool.
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential commands embedded within the resume text.
- Capability inventory: The skill possesses the capability to read local file system content. No network-write or arbitrary command execution capabilities were identified in the prompt logic.
- Sanitization: The skill does not implement sanitization, filtering, or validation of the content extracted from the files before processing it in subsequent phases.
Audit Metadata