create-application
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by processing untrusted data from external job descriptions.\n
- Ingestion points: Untrusted data enters the agent context via job offers, links, or pasted descriptions as specified in
SKILL.md,references/guide-tailor-cv.md, andreferences/guide-generate-cover-letter.md.\n - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard embedded commands within the job description text.\n
- Capability inventory: Across
SKILL.mdand referenced guides, the skill readsCandidate-Profile.md(which likely contains PII), creates new files in the local directory, and invokes external tools like theResearcher Agentand thetrack-applicationcommand/skill.\n - Sanitization: The skill does not perform any escaping or validation on the job description content before using it to generate tailored documents.
Audit Metadata