talentreview-jobs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes job and organization data from an external API, which could be manipulated to include hidden instructions. \n
- Ingestion points: Job descriptions and search results from Action 1, 2, and 3. \n
- Boundary markers: No delimiters or ignore-instructions warnings provided in the prompt templates. \n
- Capability inventory: The skill is limited to API interactions with api.talentreview.ai; no subprocess calls, file writing, or dynamic code execution capabilities are present. \n
- Sanitization: Not specified in the skill documentation.
- [Data Exposure] (SAFE): No hardcoded credentials were identified. The authentication header uses a clearly marked placeholder.
Audit Metadata