Back to skill

Security audit

resume-parser

Security checks across malware telemetry and agentic risk

Overview

This resume parser appears purpose-built, but it handles sensitive personal data while overstating local-only processing and leaving model/data handling unclear.

Review before installing. Use only with resumes you are authorized to process, and confirm the language model backend is truly local/offline before supplying real personal data. Consider redacting contact details, age, gender, and other unnecessary fields, and avoid retaining generated JSON or prompts longer than needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
94% confidence
Finding
The skill claims to be a fully local resume parsing and matching system without external APIs, but the documented workflow delegates core extraction and scoring to a large model prompt rather than an implemented local parser/scoring engine. This mismatch can mislead users about how their sensitive resume data is processed, creating privacy, trust, and compliance risks if users assume stronger locality or determinism than actually exists.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill metadata claims JD matching is performed completely locally, but this file only assembles a prompt containing the full resume and JD and instructs the caller to send it to a large model. That creates a security and privacy mismatch: sensitive personal data may be transmitted to an external model service despite users being told no external API is needed.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README explicitly describes extracting structured resume data including personal information, education, work history, and skills, but provides no privacy notice, data-handling guidance, or warning that the skill processes sensitive personal data. In a resume-parsing context, this omission can lead users to upload highly sensitive PII without understanding retention, access, logging, or local storage risks, increasing the chance of privacy violations or unsafe operational use.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill is designed to ingest and export highly sensitive personal data from resumes, including phone numbers, email addresses, age, gender, location, education, and work history, yet it provides no explicit privacy warning, retention guidance, or handling constraints. In the context of employment data, this increases the risk of unauthorized disclosure, over-collection, insecure storage/export, and noncompliance with privacy and anti-discrimination requirements.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.