israeli-job-market

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFENO_CODECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The provided files contain no evidence of malicious intent, credential theft, or unauthorized data access. The content is professional and strictly aligned with the stated purpose of job market assistance.
  • [NO_CODE]: The skill references a Python script (scripts/salary_calculator.py) in its documentation; however, no executable code was included in the analyzed file set.
  • [COMMAND_EXECUTION]: The skill configuration allows for Python execution and web fetching. These tools are appropriate for the intended functions of salary calculation and retrieving job listings from external platforms.
  • [PROMPT_INJECTION]: The skill is designed to fetch and process data from external websites, which creates a theoretical surface for indirect prompt injection.
  • Ingestion points: External job platforms such as AllJobs, Drushim, and LinkedIn (referenced in SKILL.md).
  • Boundary markers: None present; the skill lacks explicit instructions to ignore commands embedded in fetched data.
  • Capability inventory: The agent is granted Bash(python:*) and WebFetch capabilities in the SKILL.md frontmatter.
  • Sanitization: No validation or sanitization logic is specified for data retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 09:15 PM
Security Audit — agent-trust-hub — israeli-job-market