email-systems
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override safety filters or extract system prompts were found in the skill metadata or instructions.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file path access were detected. The skill specifically includes a validation rule to detect exposed API keys in user code.
- [Remote Code Execution] (SAFE): No remote scripts are downloaded or executed. The skill references standard, trusted components in its examples.
- [Indirect Prompt Injection] (SAFE): The skill is designed to analyze user-provided code patterns, creating a potential ingestion surface, but its capabilities are strictly informational. Evidence: 1. Ingestion points: User-provided code snippets and email patterns mentioned in the skill description. 2. Boundary markers: Absent. 3. Capability inventory: The skill is restricted to providing feedback and analysis; no subprocess calls, file writes, or network operations are present. 4. Sanitization: Includes specific validation patterns (template-interpolation-xss) to help users identify and mitigate risks.
Audit Metadata