Back to skill

Security audit

AI人才定级专家

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-built for AI hiring evaluation, but it can automatically process and save sensitive candidate materials without enough opt-in, privacy, or retention guidance.

Install only for controlled recruiting workflows where you are authorized to process candidate materials. Require explicit user intent before running it, redact unnecessary identifiers, store generated reports in a protected location, delete them when no longer needed, and treat grading or contradiction analysis as decision support rather than an automatic hiring decision.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README instructs users to upload resumes and interview records for automated evaluation, which are likely to contain sensitive personal data such as employment history, contact details, compensation clues, and interview notes. Failing to disclose privacy handling, consent expectations, retention, access controls, or redaction guidance can lead to inappropriate collection and exposure of personal data, especially because the skill’s core workflow depends on processing candidate dossiers.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger language includes broad phrases such as resume review, resume audit, and post-interview scoring, which are common requests outside the stated AI-specific grading scope. This can cause the skill to activate in situations involving sensitive employment data when the user did not specifically ask for this specialized analysis, increasing the risk of over-collection, misrouting, or unintended processing of candidate materials.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill states that uploading a resume file or interview record automatically triggers it, even without a clear intent signal from the user. In a context involving highly sensitive personal and hiring data, this is risky because mere attachment of candidate materials could invoke analysis, extraction, and scoring workflows the user did not explicitly request.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This tool processes resumes and interview records, which are highly likely to contain personal and sensitive employment data, but the CLI flow does not present any explicit privacy notice, consent reminder, retention guidance, or redaction warning before analysis. In hiring contexts, silent processing of PII and inferred assessments increases privacy, compliance, and insider-misuse risk because operators may handle or store sensitive candidate data without adequate disclosure or safeguards.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The program automatically writes generated candidate audit/evaluation reports to disk, but does not clearly warn that those reports may contain sensitive personal data, interview-derived judgments, and potentially defamatory or restricted hiring assessments. In an HR screening context, persisting such reports without explicit disclosure or secure-by-default handling can lead to unintended retention, unauthorized access, or accidental sharing.

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
The file is entirely written in Chinese and presents authoritative grading/calibration instructions without indicating locale flexibility. In a skill that may be invoked by diverse users, this can force responses, reasoning artifacts, or user-facing outputs into a specific language without explicit user opt-in, causing misunderstanding and inconsistent evaluations.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.