The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes multiple shell commands and scripts, including node for email operations, pdftotext for data extraction, and bash for reporting tasks.
[DATA_EXFILTRATION]: Extracted resume content, analysis reports, and original PDF files are transmitted to an external endpoint via curl using a Webhook URL. While this is the intended functionality, it involves the movement of personal and internal data to an external service.
[CREDENTIALS_UNSAFE]: The instructions explicitly reference and access local files containing sensitive authentication data, such as the .env file for the imap-smtp-email skill and a dedicated .wecom_webhook configuration file.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted text from PDF resumes. An attacker could embed malicious instructions within a resume to influence the agent's evaluation or report generation.
Ingestion points: Reads PDF attachments from external recruitment emails.
Boundary markers: None identified for separating resume text from analysis instructions.
Capability inventory: File system read/write, shell command execution, and network transmission via curl.
Sanitization: Includes basic noise/watermark filtering but lacks security-focused sanitization of the extracted text before processing by the LLM.

Boss Resume Analyzer