jobnet-search
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with the official Danish job portal API at https://jobnet.dk/bff to perform searches and retrieve job details. This is an expected and documented functionality for its stated purpose.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted text from an external source.
  - Ingestion points: Full job descriptions (body) are fetched from the Jobnet.dk API and processed in cli/src/commands/detail.ts.
  - Boundary markers: The skill does not implement explicit delimiters or instructional warnings to prevent the agent from following directions that might be embedded within the job listings.
  - Capability inventory: The agent has the capability to run the included CLI via the Bash tool as defined in SKILL.md.
  - Sanitization: The stripHtml helper in cli/src/helpers.ts provides basic sanitization by removing HTML tags and entities, which prevents certain formatting-based attacks but does not address natural language instruction overrides.
Audit Metadata