hiring-scorecard
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions are focused on hiring consultancy tasks and do not contain any attempts to bypass safety filters, override system instructions, or extract underlying model prompts.
- [DATA_EXFILTRATION]: There are no network-capable commands or references to sensitive local files such as SSH keys, environment variables, or cloud credentials. All file operations are confined to the generation of the hiring scorecard.
- [COMMAND_EXECUTION]: The skill utilizes standard tools to create and read documentation. No evidence of arbitrary shell execution, privilege escalation (sudo), or persistent system modifications was found.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests user-supplied job requirements and context. While this data is external and untrusted, the skill mitigates risk by enforcing a strict markdown template and providing specific, role-based behavioral anchors that limit the influence of potentially malicious instructions embedded in the input text.
Audit Metadata