email-generation

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script scripts/sanitize-names.py using python3 to clean and sanitize contact data from CSV files. This involves passing file paths as arguments to the shell.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources (Contact CSV and Prompt Templates) to generate content.
    • Ingestion points: Data enters the context via the Contact CSV and the .md prompt template files.
    • Boundary markers: There are no explicit instructions or delimiters defined to prevent the AI from executing instructions that might be embedded within the CSV rows or the template body.
    • Capability inventory: The skill possesses file read/write capabilities and the ability to execute shell commands (via the Python script call).
    • Sanitization: While scripts/sanitize-names.py is used, it focuses on functional cleaning (removing titles and junk characters) rather than security sanitization to filter out malicious LLM instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 16, 2026, 12:39 PM