job-posting-match
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches HTML from JobKorea and Saramin search result pages. These are well-known job platforms, and the data retrieval is limited to public listings relevant to the user's resume keywords.
- [COMMAND_EXECUTION]: The skill runs a Python script to analyze resume text and rank job matches. The script identifies job titles, tools, and industries to generate search queries and does not perform any unauthorized system actions.
- [PROMPT_INJECTION]: The skill processes user-provided resume text. It mitigates the risk of indirect prompt injection by using a script-level keyword extraction system that filters the input for specific professional terms before passing them to external search engines.
Audit Metadata