51mee-resume-parse
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, hardcoded credentials, or dangerous scripts were detected. The skill consists entirely of a prompt template and descriptive metadata.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted user content (extracted resume text) within a prompt.\n
- Ingestion points: The
{简历文本内容}placeholder inSKILL.mdreceives external data from uploaded files.\n - Boundary markers: The prompt uses HTML code block delimiters (```html) to isolate the untrusted content from the instructions.\n
- Capability inventory: No script files, subprocess calls, or network operations are present in the skill, limiting the potential impact of an injection to output manipulation only.\n
- Sanitization: There is no explicit sanitization of input text before it is interpolated into the prompt.
Audit Metadata