Skills
skills/mattforni/dotfiles/bd-email/Gen Agent Trust Hub

bd-email

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE] (HIGH): The skill documentation explicitly references and accesses highly sensitive local file paths containing credentials, OAuth keys, and configuration data. Evidence in gmail-integration.md: ~/.gmail-mcp/credentials.json, ~/.gmail-mcp/gcp-oauth.keys.json, and ~/Library/Application Support/Claude/claude_desktop_config.json. Evidence in SKILL.md: /Users/forni/Craft/vocation/network/contacts.md.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill relies on an external MCP server from an unverified NPM source. Evidence in gmail-integration.md: @gongrzhe/server-gmail-autoauth-mcp is an external package not belonging to a trusted organization.
  • [PROMPT_INJECTION] (LOW): The skill processes untrusted email data which could contain malicious instructions. 1. Ingestion points: Gmail read_email and search_emails tools. 2. Boundary markers: None mentioned for email content processing. 3. Capability inventory: draft_email and send_email via Gmail MCP. 4. Sanitization: None mentioned.
  • [DATA_EXFILTRATION] (LOW): The skill performs network operations to the Gmail API for reading and sending email content, targeting non-whitelisted domains.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:11 PM