Skills
skills/maroffo/claude-forge/newsletter-digest/Gen Agent Trust Hub

newsletter-digest

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gog CLI tool to perform searches and retrieve email thread data from the user's Gmail account.\n- [COMMAND_EXECUTION]: The skill uses the obsidian CLI tool to append extracted information and timeline updates to the user's personal knowledge base vault.\n- [PROMPT_INJECTION]: The skill processes untrusted data from external email newsletters, creating a surface for indirect prompt injection.\n
  • Ingestion points: External email bodies are fetched through the gog tool as described in SKILL.md.\n
  • Boundary markers: The instructions do not define explicit delimiters or system warnings to isolate the ingested text from the processing prompt.\n
  • Capability inventory: The agent has the capability to modify the local file system through the obsidian CLI commands.\n
  • Sanitization: The extract_email.py script removes HTML tags but does not sanitize the remaining text for embedded natural language instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 11:16 AM