Suspicious Email Analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is entirely instructional and serves as a template to help users and the AI analyze phishing attempts and scam emails. It does not include any functional scripts or executable logic.
- [NO_CODE]: The skill consists solely of a markdown file (SKILL.md) with no associated Python, JavaScript, or shell code.
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted email content, which represents an indirect prompt injection surface.
- Ingestion points: Email sender addresses, subject lines, body text, and links provided by the user in SKILL.md.
- Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands in the analyzed content.
- Capability inventory: There are no capabilities, tools, or subprocesses defined in the skill, meaning an injection has no 'gadgets' to exploit.
- Sanitization: No sanitization or input filtering is performed. However, due to the complete absence of system-level capabilities, the risk of a successful attack is negligible.
Audit Metadata