cmd-email-md

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted markdown content from external sources without sufficient isolation.
    • Ingestion points: Markdown input provided by the user either as inline text or via a local file path as described in SKILL.md.
    • Boundary markers: The instructions do not define clear delimiters or "ignore embedded instructions" warnings for the markdown content being processed.
    • Capability inventory: The conversion process involves reading local files (input markdown and reference components in references/email-components.md and references/email-html-compatibility.md) and writing a new HTML file to the local filesystem (SKILL.md).
    • Sanitization: Input content is mapped directly to HTML templates without validation or escaping of potential instructions embedded within the markdown text.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 05:11 PM