cover-letter-writer
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTIONNO_CODE
Full Analysis
- DATA_EXFILTRATION (MEDIUM): The skill accesses local files containing sensitive personal identifiable information (PII).
- Evidence:
SKILL.mdinstructs the agent to read../../context/information.md(containing Phone Number and Location) and several other profile context files. - Risk: Accessing sensitive user data outside the immediate skill scope is a data exposure risk. The severity is downgraded from HIGH to MEDIUM because the access is directly tied to the primary purpose of drafting a personalized document.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8) through processing external Job Descriptions (JD).
- Ingestion points: The 'JD' analyzed during the 'Setup' phase in
SKILL.mdis an external, untrusted input. - Boundary markers: Absent; there are no instructions or delimiters defining the boundaries of the JD or warning the agent to ignore instructions within it.
- Capability inventory: The skill's capabilities are limited to text generation; it has no network access or shell execution rights.
- Sanitization: Absent; the JD content is evaluated for 'pains' and 'evidence' without prior sanitization.
Audit Metadata