ai-job-application-optimizer
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of external, user-provided job materials.
- Ingestion points: The skill ingests untrusted text, files, and URLs via the
materialText,materialFile, andmaterialUrlparameters defined inreferences/form-schema.json. - Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the skill files to separate untrusted data from the agent's instructions.
- Capability inventory: The
scripts/run.pyscript possesses network capabilities to communicate with thehttps://ai-skills.aiAPI and access environment variables likeAISKILLS_API_KEY. - Sanitization: There is no evidence of sanitization or content validation in the skill's code to prevent malicious instructions embedded in documents from influencing the agent's behavior.
Audit Metadata