evaluating-candidates
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted candidate materials (resumes and portfolios), which creates a surface for indirect prompt injection where a candidate might include instructions to influence the AI's recommendation. Evidence Chain: 1. Ingestion points: 'Candidate materials (resume/portfolio + interview notes)' defined in the Inputs section of SKILL.md. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used for the candidate-provided content. 3. Capability inventory: The skill is limited to text analysis and template generation; no subprocess execution, network requests, or sensitive file system access capabilities were detected. 4. Sanitization: No sanitization of the input text for malicious prompt instructions is mentioned beyond the advice to redact PII.
- [No Code] (SAFE): The skill consists entirely of Markdown and JSON configuration files. No executable scripts (.py, .js, .sh) or external code dependencies are present.
Audit Metadata