newsletter-signal-scanner
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as described, using local logic for keyword matching and standard file paths for configuration and output. No malicious code, unauthorized network calls, or credential leaks were detected.
- [PROMPT_INJECTION]: The skill processes untrusted external content (newsletters), which constitutes a surface for indirect prompt injection.
  - Ingestion points: Newsletter bodies are ingested through the `agentmail` tool (SKILL.md).
  - Boundary markers: None identified; email content is processed directly for keyword matching.
  - Capability inventory: The agent is instructed to write summary files to the `clients/` directory.
  - Sanitization: The skill performs HTML stripping to extract plain text but does not implement semantic sanitization against embedded instructions.
Audit Metadata