create-application

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by processing untrusted data from external job descriptions.\n
  • Ingestion points: Untrusted data enters the agent context via job offers, links, or pasted descriptions as specified in SKILL.md, references/guide-tailor-cv.md, and references/guide-generate-cover-letter.md.\n
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard embedded commands within the job description text.\n
  • Capability inventory: Across SKILL.md and referenced guides, the skill reads Candidate-Profile.md (which likely contains PII), creates new files in the local directory, and invokes external tools like the Researcher Agent and the track-application command/skill.\n
  • Sanitization: The skill does not perform any escaping or validation on the job description content before using it to generate tailored documents.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 11:18 AM
Security Audit — agent-trust-hub — create-application