postmark-automation

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE [PROMPT_INJECTION] [EXTERNAL_DOWNLOADS] [NO_CODE]
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a potential surface for indirect prompt injection (Category 8) by ingesting and processing external data.
      • Ingestion points: Processes email templates via POSTMARK_GET_TEMPLATE and delivery feedback/bounce data via POSTMARK_GET_BOUNCES and POSTMARK_GET_SPAM_COMPLAINTS.
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands are defined in the orchestration logic.
      • Capability inventory: High-impact capabilities include sending batch emails via POSTMARK_SEND_BATCH_WITH_TEMPLATES, editing templates via POSTMARK_EDIT_TEMPLATE, and modifying server settings via POSTMARK_EDIT_SERVER.
      • Sanitization: No explicit sanitization or validation logic is provided for template variables or external inputs before they are used in tool calls.
  • [EXTERNAL_DOWNLOADS]: The skill requires a connection to an external MCP server at https://rube.app/mcp. This is a standard integration pattern for using Rube-based toolkits and points to a known service provider.
  • [NO_CODE]: This is a documentation-only skill that guides an agent on how to use external tools. It contains no local scripts, binaries, or executable code, which significantly reduces the local attack surface.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 07:56 AM