didit-email-verification
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No attempts to override system instructions or bypass safety guidelines were found in the skill metadata or body.
- [EXTERNAL_DOWNLOADS]: The skill communicates exclusively with official Didit domains (didit.me) to perform verification tasks. These are trusted vendor resources.
- [DATA_EXFILTRATION]: No unauthorized data transmission was detected. User-provided information (emails and codes) is sent only to the designated verification service as intended.
- [CREDENTIALS_UNSAFE]: The skill does not contain hardcoded API keys. It correctly uses the
DIDIT_API_KEYenvironment variable for secure authentication. - [COMMAND_EXECUTION]: The Python utility script performs specific HTTP requests using the
requestslibrary and does not execute arbitrary shell commands or use dangerous functions likeeval()orexec().
Audit Metadata