Scan Report
5/100
batch-resume-screener
Batch screens multiple resumes against multiple job positions using strict evaluation rules
This is a legitimate batch resume screening skill with no security issues. The Python script safely extracts PDF text content using pdfplumber, and all documentation accurately reflects the implementation.
OK to install
This skill is safe to use. No security concerns identified.
Security findings: 1
| Severity | Finding | Location |
|---|---|---|
| Low | Dependency version not pinned (supply chain) | README.md:147 |

| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | WRITE | WRITE | ✓ Consistent | step1_extract_resumes.py creates output .txt files in user-specified directory |
| Network access | NONE | NONE | — | No network requests in implementation |
| Command execution | NONE | NONE | — | No subprocess or shell execution in step1_extract_resumes.py |
| Environment variables | NONE | NONE | — | No environment variable access in implementation |
| Skill invocation | NONE | NONE | — | No skill invocation observed |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser access |
| Database | NONE | NONE | — | No database access |
Directory structure
3 files · 28.4 KB · 802 lines
Markdown 2f · 724L
Python 1f · 78L
├─ README.md (Markdown)
├─ SKILL.md (Markdown)
└─ step1_extract_resumes.py (Python)
Dependency analysis: 1
| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| pdfplumber | * | pip | No | Version not pinned, but library is well-known and legitimate |
Security highlights
✓ SKILL.md and README.md are consistent and accurately describe the skill's functionality
✓ Python script uses only standard libraries plus pdfplumber - no suspicious dependencies
✓ No network requests, shell execution, or credential access
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No base64 encoding/decoding or obfuscation techniques
✓ Proper file handling with cleanup of temporary directories
✓ Input validation on command-line arguments
✓ No eval, exec, or dynamic code execution
✓ Script stays within its designated output directory