sendgrid-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the user to add an external MCP server endpoint (https://rube.app/mcp) to their client configuration to function.
- [DATA_EXFILTRATION]: The skill manages sensitive data, including contact lists (emails, phone numbers) and marketing campaign details, which are transmitted to the external MCP server and SendGrid infrastructure.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its interaction with untrusted external data.
  - Ingestion points: Untrusted content enters the agent context via contact imports (SENDGRID_IMPORT_CONTACTS, SENDGRID_ADD_OR_UPDATE_A_CONTACT) and email body parameters (SENDGRID_CREATE_SINGLE_SEND).
  - Boundary markers: There are no specific instructions or delimiters mentioned to prevent the agent from following instructions embedded within the processed email content or contact metadata.
  - Capability inventory: The skill possesses extensive capabilities including sending marketing emails, managing sender identities, and modifying contact databases.
  - Sanitization: The skill lacks explicit sanitization or validation logic for the content it processes before passing it to the SendGrid API tools.
Audit Metadata