email-check
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted email content, creating a vulnerability surface for indirect prompt injection where malicious emails could influence the triage results or generated replies.
- Ingestion points: Email subjects and bodies fetched from Gmail or Outlook (SKILL.md).
- Boundary markers: No specific boundary markers or 'ignore' instructions are used to separate untrusted data from the agent's logic.
- Capability inventory: The skill uses
Read,Grep, andGlobfor local file access and utilizes dedicated MCP tools for email access. No arbitrary command execution or external network capabilities are listed. - Sanitization: The skill lacks sanitization for email body content before processing it for keywords or context.
Audit Metadata