offer-letter
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the cat command with shell redirection to save generated offer letters to the file system. It incorporates a placeholder for the filename ([candidate_last_name]) derived from user input.
- [COMMAND_EXECUTION]: The shell instruction uses a quoted heredoc ('EOF') which is a security best practice to ensure the content of the letter is treated as a literal string and not evaluated by the shell.
- [SAFE]: The skill manages sensitive recruitment data locally and does not initiate network connections or external data transmissions.
- [SAFE]: Mandatory Evidence Chain for Category 8: (1) Ingestion points: User-supplied candidate details collected in SKILL.md; (2) Boundary markers: Brackets ([]) used within the markdown template; (3) Capability inventory: File system write access via shell; (4) Sanitization: Relies on the agent's implementation of placeholder substitution.
Audit Metadata