agentmail

Fail

Audited by Socket on Feb 21, 2026

1 alert found:

Malware: HIGH
SKILL.md

[Skill Scanner] Detected attempt to override previous instructions

All findings:
[CRITICAL] prompt_injection: Detected attempt to override previous instructions (PI001) [AITech 1.1]
[HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4]

This is product documentation for an email API (AgentMail) aimed at AI agents. There is no direct evidence of malicious code or supply-chain attack patterns in the provided text. However, the webhook usage examples contain realistic security pitfalls: reliance on payload 'from' fields and 'deliver:true' auto-forward actions can enable prompt injection or leakage of email contents into chat channels if webhook authenticity and reviewer workflows are not enforced. Operators should enforce webhook signature verification, prefer isolated review sessions for untrusted senders, and avoid auto-delivery to persistent channels without additional validation.

LLM verification: The AgentMail documentation and examples implement expected email-for-agent features and explicitly call out prompt-injection risks. No direct signs of embedded malware or obfuscation are present in the provided content. Primary security concerns are operational and supply-chain: unpinned PyPI installation, execution of user-editable transform modules from a local path (potential for arbitrary code execution if compromised), and forwarding of untrusted email content into agent prompts or externa

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At: Feb 21, 2026, 02:50 PM
Package URL: pkg:socket/skills-sh/openclaw%2Fskills%2Fagentmail%2F@75b6958c0f2ac1e2943ce6b33db7d1ea81a51c67