email-template
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill establishes an architectural pattern for transactional emails that processes dynamic data, creating a potential surface for indirect prompt injection.
  - Ingestion points: Data properties in `DailyReportEmail` and other template components in `SKILL.md` act as entry points for external data.
  - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the template examples to prevent the agent from interpreting injected data as instructions.
  - Capability inventory: The skill defines a `sendEmail` utility in `SKILL.md` capable of transmitting rendered content externally via the Resend API.
  - Sanitization: No specific input validation or sanitization logic is provided in the implementation examples, relying on default framework behavior.
- [EXTERNAL_DOWNLOADS]: References official packages for email rendering and delivery from well-known providers.
  - Evidence: Suggests installation of `@react-email/components`, `react-email`, and `resend` which are standard industry tools.
Audit Metadata