$ cat writeup.md…
$ cat writeup.md…
hackadvisor
Task: HireScreen AI-powered candidate screening platform where LLM (gpt-4o-mini) with tool calling analyzes user-submitted resumes; get_job_details tool has include_confidential parameter. Solution: Craft resume with hidden prompt injection instructions to make AI call get_job_details with include_confidential=true, leaking the flag from confidential_project_code. Also discoverable via dashboard API data over-exposure.
Permission denied (requires tier.pro)
Sign in with GitHub, Discord, or Google to continue. No email required.
$sign in$ grep --similar