Cold Email Writer
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWNO_CODE
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of Markdown instructions for the agent's behavior. No Python, JavaScript, or shell scripts are present in the provided files.
- Indirect Prompt Injection (INFO): The skill is designed to process external information (such as recipient research and company news) to personalize emails. 1. Ingestion points: SKILL.md (Section: Personalization Tiers) prompts the user or agent to gather details from external sources like LinkedIn and blog posts. 2. Boundary markers: Absent. The skill does not use delimiters or instructions to ignore embedded commands in the source data. 3. Capability inventory: None. The skill generates text output only; no subprocess calls, file-write, or network operations are defined. 4. Sanitization: Absent.
- External References (LOW): The skill includes links to external 'context packs' and installation instructions for a third-party tool named 'ClawHub'. While these sources are not within the trusted scope, they are presented as informational text/markdown links rather than automated or runtime-executed commands.
Audit Metadata