Resume / CV Builder

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward resume-building helper with only a minor privacy note around an optional CDN stylesheet example.

Reasonable to install as a resume helper. Resume content can contain sensitive personal information, so avoid putting private resumes into generated HTML that loads remote CSS; use the local style.css example instead. Also verify the publisher if source provenance matters, because the homepage URL looks like a placeholder.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The custom styling example pulls CSS from an external CDN, which creates a network request and exposes that the resume export process may contact a third party. If the generated HTML is opened or shared, resume content may be rendered with externally hosted resources, creating privacy, tracking, availability, and supply-chain risks without warning the user.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal