Skip to content

Capabilities

Chad Boyd edited this page Jun 22, 2026 · 9 revisions

JobSentinel Current Capabilities

Version: 2.9.1 Last updated: June 22, 2026 Status: current 2.9.1 maintenance capability map

This page summarizes current user-facing and developer-facing capabilities. Repository docs remain the source of truth for exact behavior, tests, and release readiness. 2.9.1 preserves the 2.9.0 product behavior while refreshing dependencies, release metadata, validation evidence, and repo maintainability.

Product Boundary

JobSentinel is a desktop job-search assistant. It is not a hosted job-search service, employer-side hiring system, legal adviser, compensation authority, or application-submission bot.

Rule 0 controls every capability: user privacy and security are non-negotiable. JobSentinel must preserve local-first storage, credential safety, source boundaries, explicit user review, and privacy-preserving defaults.

External AI is optional, disabled by default, preview-gated, and routed through one privacy-first AI gateway. Core workflows work without external AI.

At A Glance

Area Current capability
App shell Desktop app built with React 19, TypeScript, Vite, Tailwind CSS, Tauri 2, Rust, Tokio, SQLite, and SQLx offline mode
Local data Saved searches, saved jobs, notes, resumes, salary floors, applications, source status, problem history, and support reports stay local by default
Job sources Scheduled source checks, source-status helpers, user-opened search links, and reviewed Browser Import
Fit review Visible local fit estimate using skills/search words, salary, location, company, and freshness
Posting risk Stale, reposted, vague, missing-pay, broad-title, source-trust, unsafe-link, and scam-like cues without claiming employer intent
Pay protection Salary floors, listed-pay review, missing-pay guidance, and evidence-bounded negotiation prep
Resume support Local resume parsing, readable-text preview, resume/job fit review, requirement review, resume builder, and exports
Application support Application board, notes, reminders, application profile, screening-answer review, and review-first form help
Local match intelligence Governed Qwen3 embeddings, bounded Qwen3 reranking, exact skill matching, BM25, blockers, seniority, and evidence signals in embedded-ML builds
Alerts Desktop, email, Slack, Discord, Microsoft Teams, and Telegram channels after user setup
Support Safe support reports can be copied or saved locally and reviewed before sharing
Agent Skills Downloadable job-search and resume workflow skills packaged as tar.gz and ZIP archives with checksums

Under The Hood

JobSentinel is more than a local tracker. The 2.9.x release line includes:

Mechanic Why it matters
Qwen3 local matching Qwen3-Embedding-0.6B retrieves meaningful resume/job passages and Qwen3-Reranker-0.6B reranks bounded candidates so direct evidence can beat keyword-only near misses.
Hybrid scoring Dense retrieval, BM25, exact skills, required coverage, seniority, blockers, evidence classes, and provenance stay inspectable.
Model governance models.lock.toml pins model identity, revisions, hashes, sizes, licenses, backends, instruction profiles, thresholds, and fallback behavior.
Source taxonomy Official feeds, employer career pages, ATS families, regional boards, public boards, restricted sources, search links, and manual paths are separated.
Restricted-source Workbench Sign-in-backed sources stay user-started and visible, without stored cookies, tokens, browser storage, or hidden page state.
Privacy-first AI gateway External providers stay optional, disabled by default, preview-gated, and routed through approval and metadata-only local logging.
Safe local operations Saved secrets use the local vault; safe support reports are review-first; release assets include checksums, SBOMs, and attestations.
Agent Skills packaging Job-search workflows ship as validated ZIP and tar.gz skill archives with checksums.

First Run And Saved Searches

First run is designed for job seekers who should not need terminal commands, GitHub knowledge, or debugging skill.

Users can:

  • choose a career path or custom search;
  • add job titles and work words;
  • add work to avoid;
  • choose remote, hybrid, onsite, or mixed location preferences;
  • choose alert destinations;
  • review the search before JobSentinel checks selected sources;
  • use non-technical presets for office/admin, retail/hospitality, trades/field, healthcare, education, customer support, sales, finance, operations, creative, legal, data, security, and software paths.

Only software, security, and data paths turn on tech-heavy job sources by default.

Job Source Monitoring

JobSentinel favors official posting sources, public feeds, company career pages, and hiring-platform sources.

Source checks and helpers include Greenhouse, Lever, RemoteOK, WeWorkRemotely, BuiltIn, Startup and tech job posts, JobsWithGPT, Dice, YC Startup Jobs, USAJobs, SimplyHired, Glassdoor, Indeed, Wellfound, and ZipRecruiter coverage where the source boundary allows it.

LinkedIn is a user-opened search-link and user-clicked Browser Import path. JobSentinel does not log in to LinkedIn, collect LinkedIn session credentials, call private LinkedIn systems, monitor LinkedIn in the background, or read LinkedIn result lists automatically.

Source checks:

  • run only for sources the user turns on;
  • wait within source limits;
  • cap very large responses;
  • remove duplicates;
  • save results locally;
  • record safe source-status details;
  • fail closed when a source cannot be checked within boundaries.

JobsWithGPT is disabled unless the user reviews and approves the exact job-source feed details. Approved feed requests send only needed search details, not resumes, salary floors, private notes, application history, screening answers, or unrelated profile details.

Fit Review

JobSentinel reviews jobs against saved preferences and shows a local fit estimate. The estimate is a sorting aid, not a verdict.

Visible fit factors are:

  • skills and search words;
  • salary;
  • location;
  • company preferences;
  • freshness.

Fit details explain what matched, what did not match, which saved setting affected the result, and what the user can change if the result is not useful. Invalid, missing, or out-of-range scores show unavailable copy instead of misleading zero-fit results.

Posting Risk And Scam Cues

Posting-risk review helps users avoid spending tailoring time on weak or unclear opportunities.

JobSentinel can surface:

  • stale-posting evidence;
  • repost and repeated-sighting evidence;
  • vague or thin descriptions;
  • missing listed pay;
  • broad or unclear titles;
  • unclear source routes;
  • unsafe or private job links;
  • possible scam signs such as money, checks, fees, sensitive details too early, messaging-app interviews, suspicious domains, or unrealistic pay.

Ghost-job and stale-posting labels do not claim to know employer intent. They tell the user when to verify before tailoring.

Pay Protection

Pay features help users protect compensation goals without treating JobSentinel as a compensation authority or legal adviser.

Current pay support includes:

  • salary floors;
  • listed-pay review on job cards and import previews;
  • missing-pay guidance when a salary floor exists;
  • malformed-pay fallbacks;
  • lower-title and lower-pay review cues;
  • public benchmark context where available;
  • negotiation-note drafts gated on user-entered offer and target range facts.

Missing pay is not treated as proof of a scam or ghost job. It stays visible as review evidence because hidden pay can waste time and increase underpayment risk.

Resume Match And Resume Builder

Resume workflows are local and sensitive by default.

Current resume support includes:

  • PDF, DOCX, TXT, Markdown, HTML, and JSON Resume handling where locally supported;
  • local rejection of resume files over 10 MB before managed local storage;
  • readable-text preview without exposing saved local file paths;
  • resume library and active-resume selection;
  • reviewed-skill sorting after user approval;
  • resume/job fit review;
  • requirement grouping for required, preferred, and nice-to-have wording;
  • hard-constraint review for work authorization, licenses, screening, background checks, location, tools, schedule, and years of experience;
  • application-readability checks for missing headings, table-like extracted text, hidden instructions, invisible characters, and image-only resume risk;
  • export checks for selectable text, reading order, employer-requested file type, portal auto-fill review, portable local data, and major Greenhouse, Workday, and Taleo / Oracle Recruiting portal field review;
  • truthful resume bullet suggestions that preserve user wording and evidence;
  • resume builder drafts, previews, templates, and exports.

Resume Match does not fabricate qualifications, hide keywords, stuff unrelated terms, prompt-inject resumes, or present local fit as an employer decision.

Application Tracking And Application Assist

JobSentinel keeps applications under user review.

Current application support includes:

  • application board and status tracking;
  • notes, reminders, interview details, and follow-up context;
  • application profile preview;
  • saved screening-answer review;
  • hard-question review for legal, screening, credential, physical, age-related, education, schedule, location, availability, and notice-period wording;
  • review-first application form help for common application platforms;
  • unsafe-link rejection and source-boundary checks.

JobSentinel never clicks final Submit for the user. If an application site requires a resume, the user attaches it through that site's own file picker.

Notifications

Notifications are optional and user-controlled.

Available channels:

  • desktop alerts;
  • email;
  • Slack;
  • Discord;
  • Microsoft Teams;
  • Telegram.

Desktop alerts use privacy-preserving wording by default. External email and chat alerts may include job title, company, location, salary, remote status, fit label, source, and job link because those services deliver the alert outside the app. Local fit reasons, saved search strategy, salary-floor details, private notes, and application history stay inside JobSentinel.

Local Data And Safe Support Reports

JobSentinel treats job-search data as sensitive.

Local-first data includes:

  • saved searches and search history;
  • saved jobs, hidden jobs, bookmarks, notes, and application records;
  • resume versions and parsing results;
  • salary floors, salary preferences, offer notes, and negotiation notes;
  • notification preferences;
  • problem history and safe support reports.

Runtime credential commands, scheduler, notifications, and smoke tests use encrypted SQLite vault storage. File-backed app data opens through SQLCipher, and passive status/list checks stay non-interactive.

Safe support reports can be copied or saved from Settings, App Problem History, crash recovery, or page error recovery. Reports are sanitized by default and should avoid full notes, resumes, full search text, salary floors, secrets, private paths, cookies, connection links, tokens, raw field names, or full application history.

Settings backup covers settings, saved searches, and cover letter templates. The backup leaves saved connection details, passwords, tokens, cookies, browser sessions, local database records, and safe support reports out. Full local recovery is separate from Settings restore because it can replace jobs, applications, resumes, notes, reminders, and history.

Privacy, Security, And Responsible AI

Current safeguards include:

  • no telemetry requirement;
  • local SQLite storage by default;
  • encrypted local vault storage for saved secrets;
  • no full database uploads;
  • no automatic saved-resume uploads;
  • no external AI by default;
  • external AI minimization, preview, redaction, cancellation, approval, and local request logging;
  • direct-provider calls blocked outside the AI gateway;
  • safe URL and source-boundary checks;
  • scraper rate-limit and response-size boundaries;
  • no restricted-site automation, CAPTCHA bypass, platform-control evasion, or hidden session collection.

External AI can be used only as an assistive layer after opt-in. It must not submit applications, fabricate qualifications, hide keywords, add prompt injection, manipulate employer screening systems, infer protected traits, solve CAPTCHAs, or send full local database dumps.

Agent Skills

The repository includes downloadable Agent Skills for:

  • job-search planning;
  • job-posting risk review;
  • resume tailoring;
  • application-form review;
  • application tracking;
  • networking outreach;
  • interview prep;
  • offer and pay review.

Each skill uses a compact SKILL.md, optional deeper references, templates, handoffs to adjacent skills, and agents/openai.yaml metadata. The release path packages the skill directory as both tar.gz and ZIP archives with matching checksums.

Developer And Harness Capabilities

The repository uses a maintained harness for agent-assisted work:

  • short AGENTS.md entrypoint;
  • docs and plans as source of truth;
  • active status and current-work plan;
  • change contracts for non-trivial work;
  • verification matrix by change type;
  • public wiki inventory in the harness manifest;
  • local path leak checks;
  • maintainable file-size checks;
  • frontend architecture checks;
  • Tauri invoke registration checks;
  • external AI gateway checks;
  • security sensor checks;
  • test-quality checks;
  • repo bloat checks;
  • harness scoring and session snapshots.

Current local 2.9.1 evidence includes harness 100, docs, bloat, release version/readiness/dependency/skills checks, security sensors, script tests, frontend tests, lint/build, Rust checks, E2E coverage, and startup keyboard shortcut validation. Public artifact verification remains tied to the published release assets on GitHub Releases.

Platform And Release Posture

Primary targets are Windows 11+, macOS, and Linux.

Use the latest GitHub release for packages, checksums, SBOMs, attestations, and Agent Skills archives.

The no-account 2.9.1 release line can publish signed Windows installers when credentials exist, or explicitly _unsigned Windows MSI and setup EXE assets when they do not. The same release line includes no-account macOS DMG support, Linux AppImage and deb assets, checksums, SBOMs, attestations, Agent Skills tar.gz, Agent Skills ZIP, and matching archive checksums.

Current macOS full-public readiness is 94%; no-account path completion is 100%. The remaining full-public gap requires Apple Developer Program materials for Developer ID signing, notarization, stapling, Gatekeeper acceptance, and signed public-artifact verification.