email-verification

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill utilizes external dependencies caffeineai-email-verification and caffeineai-email. These are vendor-owned resources originating from the skill author's infrastructure, following standard modular design patterns.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface where untrusted user input is ingested and processed into a downstream capability.
      • Ingestion points: The registerUser function in main.mo accepts email and name parameters from external callers.
      • Boundary markers: There are no markers or delimiters isolating the user-provided name string from the fixed HTML content of the email body template.
      • Capability inventory: The skill possesses the capability to send outgoing network data via the EmailClient.sendVerificationEmail function as observed in main.mo.
      • Sanitization: The skill lacks HTML escaping or sanitization for the name parameter before it is concatenated into the htmlBody variable, which is then passed to the email client.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 05:39 PM