glmv-resume-screen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's CLI and scripts (scripts/resume_screen.py) accept arbitrary resume file URLs and add them as "file_url" entries in the payload sent to the GLM-V model (API_BASE_URL), meaning the model ingests and interprets untrusted third-party documents from arbitrary URLs as part of its screening workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires user-supplied resume file URLs (e.g., "https://example.com/resume1.pdf") which are sent at runtime as "file_url" content to the GLM‑V API, thereby injecting remote content directly into the model context (a prompt‑injection vector) and the skill depends on those external URLs as required inputs.