email-parser
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest data from emails, which are untrusted sources. It lacks explicit boundary markers or sanitization instructions to prevent the agent from following instructions embedded in the processed emails. Evidence Chain: 1. Ingestion points: email-parser triggers; 2. Boundary markers: Absent; 3. Capability inventory: Bash, Read, Write, Edit; 4. Sanitization: Absent.
- [No Code] (SAFE): The skill consists entirely of markdown documentation and metadata. No executable scripts, binaries, or configuration files were detected.
Audit Metadata