email-ops
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill includes protective instructions to avoid exposing credentials or unnecessary metadata and emphasizes verification of actions.
- [PROMPT_INJECTION]: The skill processes untrusted external email data, creating an indirect prompt injection surface. (1) Ingestion points: Email bodies and thread histories (SKILL.md). (2) Boundary markers: No explicit delimiters or instructions are provided to the agent to distinguish email content from operational rules. (3) Capability inventory: Mailbox triage, drafting, and sending messages. (4) Sanitization: No validation or sanitization of external content is specified before the agent acts upon it.
Audit Metadata