Resume Optimizer

Security checks across malware telemetry and agentic risk

Overview

This is a resume-editing instruction skill; its activation rules are broad, but it does not install code, request credentials, persist data, or send data externally.

Install if you want resume/CV rewriting help. Review outputs carefully for accuracy, avoid sharing unnecessary sensitive personal details, and be aware the publisher should narrow activation rules so casual career discussion does not automatically invoke resume rewriting.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The activation description is broad enough to trigger on generic mentions of resumes, CVs, or job applications, even when the user is not explicitly asking for resume rewriting. Over-broad activation can cause inappropriate skill takeover, leading to irrelevant processing of user content and reduced reliability or policy bypass of more suitable skills.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The 'When to Activate' section contains ambiguous keyword triggers such as mentions of 'resume', 'CV', 'cover letter', or 'job application' without requiring a clear transformation request. This increases the chance of accidental invocation during general career discussion, which can expose unrelated user content to the wrong workflow and degrade routing safety.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal