job-posting-match

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches HTML from JobKorea and Saramin search result pages. These are well-known job platforms, and the data retrieval is limited to public listings relevant to the user's resume keywords.
  • [COMMAND_EXECUTION]: The skill runs a Python script to analyze resume text and rank job matches. The script identifies job titles, tools, and industries to generate search queries and does not perform any unauthorized system actions.
  • [PROMPT_INJECTION]: The skill processes user-provided resume text. It mitigates the risk of indirect prompt injection by using a script-level keyword extraction system that filters the input for specific professional terms before passing them to external search engines.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 01:40 PM
Security Audit — agent-trust-hub — job-posting-match