Security audit

Jd Truth Detector

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward job-description analysis skill that uses user-provided inputs and a configured LLM endpoint, with privacy and dependency hygiene caveats.

Install only if you are comfortable sending job descriptions and any resume content to the LLM endpoint you configure. Prefer a trusted or local endpoint for sensitive resumes, avoid URL mode if you do not want the job site contacted, and consider pinning dependencies with a lockfile before production use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (10)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill documentation advertises capabilities that read environment variables, access local files, write output files, and make network requests, but it does not declare any permissions. This creates a transparency and consent gap: users or hosting platforms may not realize the skill can access sensitive resume data, API keys, local documents, or external URLs, increasing the risk of unintended data exposure or over-privileged execution.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The code sends raw resume_text to llm.chat() with no indication in this file of consent, minimization, redaction, or provider-boundary controls. Resumes commonly contain sensitive personal data (email, phone, employment history, location), so forwarding them to an external or user-configurable OpenAI-compatible LLM can create unintended privacy exposure and compliance risk.

Unpinned Dependencies

Low

Category: Supply Chain
Content: openai>=1.30.0 pyyaml>=6.0 jinja2>=3.1.0 python-docx>=1.1.0
Confidence: 93% confidence
Finding: openai>=1.30.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: openai>=1.30.0 pyyaml>=6.0 jinja2>=3.1.0 python-docx>=1.1.0 pdfplumber>=0.11.0
Confidence: 93% confidence
Finding: pyyaml>=6.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: openai>=1.30.0 pyyaml>=6.0 jinja2>=3.1.0 python-docx>=1.1.0 pdfplumber>=0.11.0 beautifulsoup4>=4.12.0
Confidence: 96% confidence
Finding: jinja2>=3.1.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: openai>=1.30.0 pyyaml>=6.0 jinja2>=3.1.0 python-docx>=1.1.0 pdfplumber>=0.11.0 beautifulsoup4>=4.12.0 httpx>=0.27.0
Confidence: 90% confidence
Finding: python-docx>=1.1.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: pyyaml>=6.0 jinja2>=3.1.0 python-docx>=1.1.0 pdfplumber>=0.11.0 beautifulsoup4>=4.12.0 httpx>=0.27.0 pytest>=8.0.0
Confidence: 90% confidence
Finding: pdfplumber>=0.11.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: jinja2>=3.1.0 python-docx>=1.1.0 pdfplumber>=0.11.0 beautifulsoup4>=4.12.0 httpx>=0.27.0 pytest>=8.0.0
Confidence: 88% confidence
Finding: beautifulsoup4>=4.12.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: python-docx>=1.1.0 pdfplumber>=0.11.0 beautifulsoup4>=4.12.0 httpx>=0.27.0 pytest>=8.0.0
Confidence: 90% confidence
Finding: httpx>=0.27.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: pdfplumber>=0.11.0 beautifulsoup4>=4.12.0 httpx>=0.27.0 pytest>=8.0.0
Confidence: 87% confidence
Finding: pytest>=8.0.0

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal