Skills
skills/mattforni/dotfiles/job-apply/Gen Agent Trust Hub

job-apply

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted job posting data via WebFetch or WebSearch to generate application responses, creating a surface for indirect prompt injection. * Ingestion points: External job postings (SKILL.md). * Boundary markers: There are no explicit delimiters or instructions for the agent to ignore instructions embedded in the job postings. * Capability inventory: The agent uses the draft_email tool to create communications (SKILL.md). * Sanitization: The skill does not implement sanitization for the content it fetches.
  • [DATA_EXFILTRATION]: The skill reads from local paths containing personal user data, such as /Users/forni/Craft/vocation/network/contacts.md. This access is functional for the skill's purpose but presents a data exposure surface if the agent is manipulated by malicious instructions in the external content it processes.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 03:17 PM