Skills
skills/psyduckler/openclaw-sales-skills/email-verifier/Gen Agent Trust Hub

email-verifier

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • Indirect Prompt Injection (LOW): The skill ingests untrusted data from external sources.
  • Ingestion points: scripts/verify_email.py reads from files via --csv and from standard input via --stdin.
  • Boundary markers: Absent. The script treats input strings as raw email addresses.
  • Capability inventory: Performs network connections via smtplib and reads local files via open().
  • Sanitization: Only basic presence of '@' is checked before processing.
  • Data Exposure & Exfiltration (LOW): The skill connects to external SMTP servers (Port 25) based on the domains provided in the input data. This is an intended feature for verification but allows outbound traffic to arbitrary destinations.
  • External Downloads (SAFE): The skill requires dnspython, which is a well-known and trustworthy DNS library. This installation is a standard dependency management practice.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:48 PM