send-email-campaign
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple local Python scripts to perform campaign analysis and scoring. Evidence: Execution of 'email-subject-tester.py', 'spam-score-checker.py', 'send-time-optimizer.py', 'brand-voice-scorer.py', 'approval-manager.py', and 'execution-tracker.py' via subprocesses.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted user input.
  - Ingestion points: Email content (subject line, body, preview text) and target list segments provided by the user are processed by scoring agents.
  - Boundary markers: The workflow does not specify the use of delimiters or 'ignore' instructions to isolate user content from system prompts.
  - Capability inventory: The skill has permissions to execute local scripts and perform high-impact network operations (sending bulk emails) via MCP servers.
  - Sanitization: There is no evidence of content escaping or validation before processing.
Audit Metadata