resume-cv-builder

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a shell script template in the 'Keyword Optimization' section for extracting terms from job descriptions using the echo command. This pattern is susceptible to command injection if the agent interpolates user-provided text directly into the shell environment without proper sanitization.
  • [PROMPT_INJECTION]: The skill is designed to process untrusted external content such as resumes and job descriptions which creates a surface for indirect prompt injection.
      1. Ingestion points: The skill explicitly prompts users to 'paste JD' (job descriptions) to be used for tailoring resumes.
      2. Boundary markers: There are no instructions or delimiters provided to separate user-provided text from the skill's instructions or to warn the agent against following instructions embedded in the external data.
      3. Capability inventory: The skill utilizes system binaries including pandoc and standard shell utilities like tr, grep, and sort.
      4. Sanitization: No sanitization or validation of external input is mentioned in the skill body.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 02:38 AM