resume-master
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill incorporates Python scripts (
render_pdf.py,pdf_to_images.py,pdf_page_count.py) that utilize thesubprocessmodule to invoke external system utilities, including Google Chrome (for HTML-to-PDF rendering), ImageMagick, Poppler (pdftoppm), andpdfinfo. These executions are essential for the skill's core functions. The scripts employ list-based argument passing, which is a security best practice to prevent shell injection vulnerabilities. - [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection as it is designed to ingest and process untrusted external data, specifically user-provided Job Descriptions (JDs) and legacy PDF resumes.
- Ingestion points: Workflow B in
SKILL.mdinstructs the agent to read and analyze JDs and old resumes uploaded by the user. - Boundary markers: No specific delimiters are mandated to differentiate between the agent's core instructions and the content of the processed documents.
- Capability inventory: The skill can execute subprocesses to render and convert files and write output to the local file system.
- Sanitization: The scripts use standard path resolution and input validation for page numbers and file extensions, though they do not sanitize the text content of the documents before analysis.
- [EXTERNAL_DOWNLOADS]: The HTML templates in the
assetsdirectory reference external resources for styling and demonstration purposes. - The templates load CSS and fonts from well-known services including Cloudflare (cdnjs) and Google Fonts.
- A placeholder image is referenced from an Alibaba Cloud OSS bucket (
oss-cn-shanghai.aliyuncs.com). These references are used solely for visual presentation in the generated resumes.
Audit Metadata