outlook-emails-lawvable

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes external email data.
  • Ingestion points: The get_emails function in scripts/outlook_oauth.py retrieves untrusted data including email subjects, sender names, and body previews.
  • Boundary markers: There are no delimiters or markers used to isolate the email content from the agent's instructions.
  • Capability inventory: The skill can write files to the local filesystem (saving attachments to ./attachments) and perform authorized network requests to the Microsoft Graph API.
  • Sanitization: While the script implements path traversal protection for attachment filenames, it does not sanitize or escape the content of the email body or subject.
  • [EXTERNAL_DOWNLOADS]: The skill uses the uv package manager to download and install standard Python dependencies including msal, requests, and python-dotenv from the official Python Package Index (PyPI).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 10:17 AM