Resumy

Security checks across malware telemetry and agentic risk

Overview

This resume tool has a coherent purpose, but it handles sensitive personal resume data without enough privacy, consent, retention, or download-scope detail.

Install only if you are comfortable sending resume contents and contact details to this service. Before using it with real applicant data, confirm the provider's privacy policy, retention/deletion behavior, access controls, and whether downloads are limited to your own generated files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Description-Behavior Mismatch

Medium

Confidence: 86% confidence
Finding: The undocumented-looking /download/{filename} endpoint expands the skill beyond resume generation/parsing into file retrieval, which can expose generated artifacts or arbitrary server-side files if access control and filename validation are weak. In a skill handling highly sensitive PII such as resumes, any unnecessary download surface increases the risk of data leakage and misuse.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly handles highly sensitive personal data such as full names, email addresses, phone numbers, work history, education, and potentially job-targeting information, but provides no privacy notice, retention guidance, or data-handling limitations. This increases the risk that users send personally identifiable information to a third-party service without understanding exposure, storage, or downstream sharing implications.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The resume parsing endpoint invites upload of existing resume content in flexible formats, which commonly includes PII, employment history, addresses, and other sensitive applicant data, yet the skill does not warn about privacy risks or document how uploaded content is processed. Because parsing workflows often involve bulk ingestion, this can amplify accidental disclosure or unauthorized third-party processing of personal documents.

Vague Triggers

Medium

Confidence: 78% confidence
Finding: The generate and parse-resume operations process resumes, cover letters, and other personal data, but the spec provides no trigger constraints, consent boundaries, or exclusion conditions. That ambiguity can cause the skill to be invoked on sensitive user content unexpectedly or too broadly, leading to unauthorized processing or privacy violations.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal