HR简历分析评分报告

Security checks across malware telemetry and agentic risk

Overview

This resume-scoring skill is not malware, but it handles candidate personal data and makes subjective hiring inferences without enough privacy, consent, or retention controls.

Install only if you are comfortable using it for HR screening and can enforce your own privacy controls. Before use, tell users and candidates what data will be processed, avoid unnecessary personality or retention predictions, restrict access to output files, and delete temporary resume files and exported reports when they are no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (9)

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The skill is presented as a resume scoring and JD-matching tool, but it also performs personality and leadership inference that materially expands processing beyond the stated scope. This creates a scope-creep risk where users may unknowingly rely on sensitive, subjective inferences not clearly disclosed in the skill's primary description.

Description-Behavior Mismatch

Medium

Confidence: 93% confidence
Finding: The document extends from resume parsing/scoring into resume authenticity checks and background-investigation-style recommendations, which go beyond ordinary matching analysis. That mismatch can mislead users about the nature of processing and encourage unsupported or privacy-invasive decision-making based on incomplete evidence.

Description-Behavior Mismatch

Medium

Confidence: 92% confidence
Finding: Predicting tenure and retention risk expands the skill from qualification assessment into behavioral forecasting about future employment. This is outside the advertised core purpose and can drive unfair or opaque screening decisions if users treat it as reliable evidence.

Context-Inappropriate Capability

Medium

Confidence: 97% confidence
Finding: Inferring personality traits, motivation, leadership potential, and team fit from resume text is a high-risk profiling behavior that is not necessary for basic resume scoring. In hiring contexts, such subjective inferences can create discriminatory or unfair screening outcomes while appearing authoritative despite weak evidentiary basis.

Vague Triggers

Medium

Confidence: 82% confidence
Finding: The top-level description is broad enough that the skill may trigger in loosely related conversations about scoring, matching, or reports outside a clearly bounded hiring workflow. Overbroad activation can cause the agent to process sensitive candidate data or launch file-handling behavior when the user did not intend to invoke this skill.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger phrases are generic and lack exclusions, increasing the chance of accidental invocation in unrelated contexts. In a skill that handles resumes and exports reports, mistaken activation raises confidentiality and data-minimization concerns even if no exploit is intended.

Missing User Warnings

High

Confidence: 98% confidence
Finding: The skill is designed to parse resumes and export reports containing names, phone numbers, email addresses, education, and employment history, but it does not clearly warn that this sensitive personal data may be stored or exported. In an HR context, silent handling of PII materially increases privacy, retention, and unauthorized disclosure risk.

Missing User Warnings

High

Confidence: 99% confidence
Finding: The document states that uploaded resumes are automatically saved to the working directory without an explicit storage disclosure or consent step. Because resumes contain sensitive PII, automatic disk persistence increases the chance of leakage through shared workspaces, backups, logs, or later unintended access.

Missing User Warnings

High

Confidence: 99% confidence
Finding: The skill instructs saving pasted resume content to a temporary file without warning the user that sensitive candidate information will be written to disk. Temporary files are frequently overlooked in cleanup and can expose PII to other users, processes, or later forensic recovery.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal