Back to skill

Security audit

招聘推进助手 / Recruiting Follow-up Copilot

Security checks across malware telemetry and agentic risk

Overview

This skill creates recruiting summaries, messages, and local files as advertised, but the HR data it handles should be reviewed and kept confidential.

Install only if you are authorized to process recruiting data. Treat generated DOCX, CSV, and JSON files as confidential HR records, choose a private output directory, check for same-name file overwrites, and have an HR owner verify all recommendations, tracker rows, and candidate messages before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly instructs the agent to generate downloadable DOCX/CSV artifacts and run local scripts that write output files, but it does not require any user confirmation, dry-run behavior, destination disclosure, or warning about handling candidate PII. In an HR context, these files can contain sensitive interview feedback and candidate data, so silent file creation or write-back increases privacy, data handling, and unintended modification risk.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill directs updating ATS or spreadsheet trackers and prioritizing user-provided schemas, but it does not warn about data integrity, accidental overwrites, schema mismatch, or privacy consequences of persisting recruiting decisions. Because tracker rows may become system-of-record entries for hiring actions, an incorrect or automatic write-back can propagate sensitive or inaccurate candidate status data.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The default prompt invokes a broad 'recruiting workflow' without defining boundaries on what data may be processed, what actions are allowed, or what decisions must remain human-reviewed. In an HR context, this can lead the agent to over-handle sensitive candidate data, generate inappropriate hiring guidance, or write back misleading records beyond the user's intended scope.

Natural-Language Policy Violations

Medium
Confidence
78% confidence
Finding
Forcing or prioritizing Simplified Chinese output by default without user choice can cause misunderstandings, especially for multilingual recruiting teams or candidates expecting another language. In hiring workflows, language mismatch can result in inaccurate summaries, flawed candidate communications, or incorrect tracker entries affecting fairness and process quality.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.