What happens when a candidate tries to hack your hiring process?

Last week, we built an automation in n8n that exposed a sneaky trick hidden in a PDF resume — a hidden AI bypass designed to auto-qualify the candidate.

Here’s the high-level playbook:

1. Download the Resume

We pulled the file directly from Google Drive (but it could just as easily come from email or an ATS). The twist? The PDF wasn’t “just a PDF”… it carried a hidden prompt meant to hijack AI screening.

2. Convert PDF to Image(s)

AI vision models can’t read PDFs directly — so we ran it through Stirling PDF and converted it into images. Bonus: lowering resolution makes large-scale parsing way faster.

3. Parse with a Multimodal LLM

Instead of letting the hidden prompt trick our system, we pushed the images into Google Gemini. Because the LLM sees the resume like a human would, the malicious injection became irrelevant.

✅ The result: We bypassed the bypass. The resume was read as intended, not as the candidate wanted.

👉 Why this matters: If you’re screening at scale, candidates (and even bots) will try to game the system. This automation shows how to stay one step ahead — but this is only the surface.

📩 In the paid version of the newsletter, I’ll share the exact n8n workflow (ready to import).

⚡ Don’t let your AI get tricked. Subscribe now and get the full breakdown before your competitors do.

Subscribe to our premium content to read the rest.