glmv-resume-screen
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection by ingesting and processing content from external resume files (PDF, DOCX, TXT).\n
- Ingestion points: Resume content is ingested in
scripts/resume_screen.pyvia URLs or local PDF files.\n - Boundary markers: Absent. The skill provides resume content to the model without explicit delimiters or instructions to ignore embedded commands, allowing a malicious resume to potentially override the screening instructions.\n
- Capability inventory: The skill has file system read access (for local PDFs) and network access (to Zhipu AI API endpoints).\n
- Sanitization: Absent. No validation or filtering is performed on the extracted resume content before it is passed to the multimodal model.
Audit Metadata