The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by interpolating untrusted input directly into email content sent via the Gmail API.
Ingestion points: The client_name and company_name fields from the input payload are used to personalize email subjects and bodies in scripts/welcome_client_emails.py.
Boundary markers: There are no delimiters or instructions provided to the agent or in the email templates to ignore potentially malicious instructions embedded within the user-provided data.
Capability inventory: The script has the capability to send emails externally using the Gmail API (service.users().messages().send).
Sanitization: No validation or sanitization is performed on the input strings before they are formatted into the email content.
[EXTERNAL_DOWNLOADS]: The skill relies on well-known Google API libraries for its core functionality.
Evidence: It utilizes standard packages such as google-api-python-client and google-auth to interact with Google services.

welcome-email