extension-email-verification

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Potential indirect injection surface identified in src/backend/main.mo. The skill processes untrusted user input that is then used in a functional context.
      • Ingestion points: The registerUser function in src/backend/main.mo ingests user-provided name and email strings.
      • Boundary markers: Absent. The skill does not use delimiters or instructions to treat the user-provided name as data rather than code or formatting.
      • Capability inventory: The skill uses EmailClient.sendVerificationEmail to send messages over the network.
      • Sanitization: Absent. The user's name is concatenated directly into the HTML body of the verification email, allowing for potential HTML injection if the input contains malicious tags.
  • [EXTERNAL_DOWNLOADS]: Fetches and utilizes external Motoko modules caffeineai-email-verification and caffeineai-email via the mops package manager. These are standard dependencies provided by the author.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 21, 2026, 11:43 AM