career-skill-planner
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not perform any sensitive system operations, network requests, or shell command executions. It functions as a structured text-to-text transformation tool providing informational content to the user.
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it processes user-supplied career descriptions and job documents (JD/PRD). However, the risk is negligible as the output is restricted to text prompts intended for manual review and copy-pasting by the user.
  - Ingestion points: User-provided job titles, workplace descriptions, and professional documents in SKILL.md.
  - Boundary markers: Absent.
  - Capability inventory: Limited to generating structured text; no access to shell, network, or file system tools.
  - Sanitization: The skill uses natural language instructions to guide the agent's analysis but lacks technical sanitization for ingested content. The requirement for manual user action to 'copy-paste' the results acts as a safety checkpoint.