israeli-hr-recruitment-automator
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of all skill files and scripts revealed no malicious patterns, unauthorized network operations, or credential harvesting. The skill's primary functions are implemented via local instructions and a benign Python validation script.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface as it is designed to ingest and interpret external resume data from candidates.
- Ingestion points: Resume text processed during the screening phase (Step 3).
- Boundary markers: Absent; there are no specific delimiters or 'ignore' instructions provided to the agent to distinguish resume content from system instructions.
- Capability inventory: The skill uses a local script
scripts/job-description-generator.pyand generates documents. It does not have access to sensitive file systems or network-based exfiltration tools that could be abused by an injection. - Sanitization: Absent; the skill lacks explicit logic to sanitize or escape instructions that might be embedded within resumes. This risk is inherent to recruitment tools but is minimized by the restricted capabilities of the skill.
Audit Metadata