Skills
skills/jezweb/claude-skills/email-gateway/Gen Agent Trust Hub

email-gateway

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill presents an indirect prompt injection vulnerability surface because it processes untrusted data within its context.\n
  • Ingestion points: Data enters via the request.json() call in Cloudflare Worker handlers across several templates (e.g., templates/mailgun-send.ts, templates/smtp2go-send.ts).\n
  • Boundary markers: Absent; user-provided email content is not delimited or protected by instructions to ignore embedded commands.\n
  • Capability inventory: The skill possesses network capabilities via fetch and database access through env.DB bindings.\n
  • Sanitization: No sanitization or validation of input data is performed before it is used in API requests.\n- [COMMAND_EXECUTION] (LOW): The script scripts/test-provider.sh uses the curl utility to perform HTTP POST requests to external provider APIs. While intended for connectivity testing, it represents a surface for command execution.\n- [EXTERNAL_DOWNLOADS] (LOW): The skill relies on external Node.js dependencies, including resend, react-email, and associated components from the npm registry, which are not included in the primary trusted sources list.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 04:42 PM