bd-email

Warn

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill utilizes a non-trusted external package @gongrzhe/server-gmail-autoauth-mcp via npx for Gmail integration.
  • DATA_EXFILTRATION (MEDIUM): The skill accesses sensitive local files including a contact database at /Users/forni/Craft/vocation/network/contacts.md and explicitly points to Gmail OAuth credential paths such as ~/.gmail-mcp/credentials.json.
  • COMMAND_EXECUTION (MEDIUM): Troubleshooting instructions involve executing shell commands like npx, cat, and ls on sensitive configuration directories.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill's core workflow involves reading untrusted data from Gmail (read_email, search_emails) without specified boundary markers or sanitization. This surface allows malicious emails to potentially influence the agent's behavior during the drafting process.
    • Ingestion points: read_email and search_emails tools.
    • Boundary markers: None identified in instructions.
    • Capability inventory: send_email, draft_email, and local file system access.
    • Sanitization: None identified.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 19, 2026, 03:51 PM