agentmail-cli
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
agentmail-clipackage globally via npm, which is a resource provided by the skill author 'agentmail-to'. - [COMMAND_EXECUTION]: The skill executes the
agentmailcommand-line utility to perform operations such as creating inboxes, sending messages, and configuring webhooks. - [PROMPT_INJECTION]: The skill retrieves and processes external email content, which creates a surface for indirect prompt injection attacks. 1. Ingestion points: Email content is fetched via
agentmail inboxes:messages retrievein SKILL.md. 2. Boundary markers: The skill does not define specific boundaries or instructions for the agent to ignore content within messages. 3. Capability inventory: The agent has command execution capabilities via theagentmailCLI. 4. Sanitization: No content validation or sanitization steps are documented for the incoming messages.
Audit Metadata