job-hunt-tailor
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill processes user resumes and job descriptions to generate customized Markdown files. All file operations are restricted to the provided working directory and output subfolders.
- [SAFE]: No network requests, external downloads, or remote code execution patterns were identified. The skill does not use tools like curl, wget, or pip.
- [SAFE]: The skill contains no obfuscation, hardcoded credentials, or persistence mechanisms.
- [PROMPT_INJECTION]: While the skill ingests untrusted data (job descriptions and resumes), the risk is minimal as its capabilities are limited to generating Markdown and JSON status files. It lacks the network or execution tools necessary to escalate an indirect prompt injection attack.
- Ingestion points: The skill reads untrusted content from
resume.mdandjd-pool/<id>.md(SKILL.md). - Boundary markers: No specific delimiters are defined to isolate untrusted data from instructions.
- Capability inventory: File reading and writing (Markdown/JSON). No network access, subprocess calls, or evaluation of code.
- Sanitization: No explicit sanitization or filtering of external content is performed.
Audit Metadata