skills/fadeloo/skills/email-smtp-send/Gen Agent Trust Hub

email-smtp-send

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The implementation in scripts/smtp_send.py uses the standard Python smtplib library for email delivery. It adheres to security best practices by utilizing environment variables for credentials and ensures that sensitive information like the SMTP_PASSWORD is not printed during configuration validation.
  • [PROMPT_INJECTION]: The skill processes user-supplied data for email subjects and bodies, which represents a surface for indirect prompt injection. This is a functional requirement for email tools rather than a vulnerability in the implementation.
      • Ingestion points: scripts/smtp_send.py accepts --subject and --body as command-line arguments.
      • Boundary markers: None are defined for the message content.
      • Capability inventory: The script performs network operations to send emails to an external SMTP server via the smtplib library.
      • Sanitization: No sanitization or content validation is performed on the text content before delivery.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 05:15 PM