skills/odyssey4me/agent-skills/gmail/Gen Agent Trust Hub

gmail

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from an external source (Gmail) and provides it to the agent context.
      • Ingestion points: The "messages list" and "messages get" commands in scripts/gmail.py fetch external email content.
      • Boundary markers: The skill does not use explicit delimiters or instructions to the agent to ignore potentially malicious content within emails.
      • Capability inventory: The skill allows the agent to send emails (send), create drafts (drafts create), and manage labels (labels create) in scripts/gmail.py. These capabilities could be exploited if the agent is manipulated by instructions embedded in a received email.
      • Sanitization: No specific sanitization, escaping, or validation of the email body or snippets is performed before they are presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 03:55 AM