resume-job-match-lab
Security checks across malware telemetry and agentic risk
Overview
This is a local resume-to-job matching helper with no hidden network, credential, persistence, or destructive behavior found.
This skill appears safe to install for local resume analysis. Because resumes can contain sensitive personal information, only run the helper script on files you intend to analyze, choose a clear output path so it does not overwrite something important, and verify the installed version because the registry metadata and SKILL.md version differ.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.