Security audit

Interview Evaluation

Security checks across malware telemetry and agentic risk

Overview

The skill’s interview-evaluation purpose is coherent, but it needs Review because it persists sensitive candidate material and updates local knowledge files beyond the immediate task.

Review before installing. Use it only if you are comfortable with sensitive candidate assessments being written locally and potentially influencing future evaluations. Prefer restricting it to files you provide for the current task, require confirmation before any file write, and disable or manually review updates to EVOLUTION.md or shared knowledge files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The skill explicitly instructs the agent to use historical conversation data and local resume files to resolve candidate name matching before producing the evaluation. That expands data access beyond the immediate user-provided interview materials and can cause unnecessary collection or cross-linking of personal data, increasing privacy and scope-creep risk.

Context-Inappropriate Capability

Medium

Confidence: 96% confidence
Finding: The skill mandates saving the evaluation as a local .md file, which introduces persistent file-write behavior not required to draft an interview evaluation. Unnecessary persistence can create privacy, retention, and overwrite risks, especially because interview evaluations often contain sensitive candidate assessments.

Context-Inappropriate Capability

High

Confidence: 98% confidence
Finding: The feedback loop directs the agent to update EVOLUTION.md and several other local knowledge files after each evaluation, effectively granting a self-modifying, persistent knowledge-management role unrelated to the core task. This creates a durable channel for storing user-derived content and operational drift, with risks of privacy leakage, prompt/data poisoning, and unauthorized modification of local artifacts.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The instruction to save a local Markdown file does not warn the user that a new local file may be created or an existing one may be overwritten. For sensitive hiring content, silent persistence increases the chance of accidental data exposure, retention beyond user expectations, or destructive overwrites.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.