Resume & Cover Letter

The skill is classified as suspicious due to the inclusion of `Bash` in `allowed-tools` and the generation of LaTeX files (`.tex`). While the skill's instructions are benign and focused on resume generation, the `Bash` tool grants powerful arbitrary command execution capabilities, and LaTeX files can be exploited for Remote Code Execution (RCE) via `\write18` if user-provided input is not properly sanitized before being embedded and compiled. These capabilities, without explicit sanitization instructions, create significant vulnerabilities for shell injection or LaTeX RCE, making the skill susceptible to exploitation despite lacking explicit malicious intent in its instructions.