smart-email-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed exclusively of Markdown documentation and templates. No scripts, binaries, or configuration files are present in the provided file.- [PROMPT_INJECTION]: The skill provides an indirect prompt injection surface because it summarizes and classifies external email data. 1. Ingestion points: Incoming emails processed in the inbox summary and priority classification tasks. 2. Boundary markers: No delimiters are specified to isolate untrusted email content from the agent's instructions. 3. Capability inventory: Mentions potential use of himalaya and outlook-cli for email tasks; LLM generation of drafts. 4. Sanitization: No content validation or sanitization of ingested email text is implemented. This represents a vulnerability surface inherent to the tool's purpose but no malicious injection is present in the skill itself.
Audit Metadata