ai-job-application-optimizer

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of external, user-provided job materials.
  • Ingestion points: The skill ingests untrusted text, files, and URLs via the materialText, materialFile, and materialUrl parameters defined in references/form-schema.json.
  • Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present in the skill files to separate untrusted data from the agent's instructions.
  • Capability inventory: The scripts/run.py script possesses network capabilities to communicate with the https://ai-skills.ai API and access environment variables like AISKILLS_API_KEY.
  • Sanitization: There is no evidence of sanitization or content validation in the skill's code to prevent malicious instructions embedded in documents from influencing the agent's behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-job-application-optimizer