recipe-send-personalized-emails
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Utilizes the 'gws' CLI to perform Sheets and Gmail operations. This tool is associated with the 'googleworkspace' author and is used for its intended purpose.
- [DATA_EXFILTRATION]: The skill moves data from Google Sheets to Gmail recipients. This behavior is documented and legitimate within the context of a mail-merge style automation.
- [INDIRECT_PROMPT_INJECTION]: The skill features an attack surface for indirect prompt injection as it ingests untrusted data from a Google Sheet and uses it to construct email content. However, this is inherent to the skill's purpose.
- Ingestion points: Reads data from 'Contacts!A2:C' in a Google Sheet via
gws sheets +read(SKILL.md). - Boundary markers: None present in the command template.
- Capability inventory: Includes sending emails via
gws gmail +send. - Sanitization: No sanitization is performed on the spreadsheet data before interpolation.
Audit Metadata