talent-sourcing
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from external sources such as LinkedIn and Indeed (Steps 3 and 4 in
SKILL.md). - Ingestion points: Data returned by
nimble searchandnimble extractcommands inSKILL.md. - Boundary markers: The instructions do not define explicit delimiters or 'ignore' directives to isolate untrusted web content from the agent's core instructions.
- Capability inventory: The agent has significant capabilities, including executing shell commands via
Bash, file system access viaReadandWrite, and the ability to spawn sub-agents via theAgenttool. - Sanitization: No sanitization or validation is performed on the content extracted from external candidate profiles before it is presented to the agent.
- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to run commands for environment setup, searching, and profile extraction. It also usespython3for date manipulation and for updating the user's business profile configuration as described inreferences/profile-and-onboarding.md. - [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions for installing the
@nimbleway/clipackage from npm. This package is provided by the skill's author and is required for the skill to perform its intended functions.
Audit Metadata